I have tested everything and nothing works here's my code
<?php
session_start();
if (!isset($_GET['id']) || !is_numeric($_GET['id'])) { die('Invalid id'); }
$conn = mysqli_connect("redacted", "redacted", "redacted", "redacted");
if (!$conn) {
die("Connection failed: ".mysqli_connect_error());
}
$url = "http://".$_SERVER['HTTP_HOST'].$_SERVER['REQUEST_URI'];
$id = (int)$_GET['id'];
"UPDATE affiliate SET clicks WHERE ID='$id' = clicks + 1";
header("Location: https://discord.gg/CjzZRBq");
?>
and after I want it to echo on the users dashboard this is what I have
<h1>Clicks</h1>
<br />
<br />
You have gotten: <?php $conn = mysqli_connect("localhost",
"id2278622_jonny", "Fencing1", "id2278622_affiliate");
if (!$conn) {
die("Connection failed: ".mysqli_connect_error());
}
$sql = "SELECT clicks FROM affiliate WHERE ID='$ID'";
echo "$sql";
?> Clicks!
but it just echos the sql code
You haven't actually sent your query to the database. You've just built a query string. A string that you didn't even save to a variable.
$id = (int)$_GET['id'];
"UPDATE affiliate SET clicks WHERE ID='$id' = clicks + 1";
header("Location: https://discord.gg/CjzZRBq");
Should be:
$id = (int)$_GET['id'];
$qry= "UPDATE affiliate SET clicks = clicks+1 WHERE ID='$id'";
conn->query($qry);
header("Location: https://discord.gg/CjzZRBq");
You should also look up SQL Injection. Casting to an int mitigates risk, but you should definitely be using bind variables.
The problem is you're just echoing $sql (which is the query string), rather than passing that SQL command to your database. Also note that your current script is vulnerable to SQL injection. To avoid this, use prepared statements:
// Retrieve the number of existing clicks
$stmt = $conn->prepare("SELECT clicks FROM affiliate WHERE ID = ?");
$stmt->bind_param("i", $id);
$stmt->execute();
$stmt->bind_result($clicks); // Store the result in the $clicks variable
$clicks++; // Increment clicks
// Update the table
$stmt2 = $conn->prepare("UPDATE affiliate SET clicks = ? WHERE ID = ?");
$stmt2->bind_param("si", $clicks, $id);
$stmt2->execute();
// Close the connection once finished
$conn->close();
Hope this helps! :)