Unique Profile Views Counter (Update Database with New Number)

[CloudSex13]

Hi all,

 

I'm trying to create a PHP script for user's profile to display the amount of times they've been viewed. I'm looking to have this script increase on a unique view, and it should update the variable in the database.

 

Profiles are accessed by the following link: userprofile.php?userid=X (where X is the ID, e.g. 1, 2, 1001, 345982, etc.).

 

The database variable I'm looking to update is called ProfileViews.

 

I began developing the script, which is as follows:

 

$_SESSION['Viewed'] = 0;

if ($_SESSION['Viewed'] == 0) {

$profileViewsQuery = mysql_query("SELECT ProfileViews FROM Users WHERE UserID='????'");

$getProfileViews = mysql_fetch_array($profileViewsQuery);

$profileViews = $getProfileViews['ProfileViews'];

$profileViews = $profileViews + 1;

mysql_query("UPDATE Users SET ProfileViews='$profileViews' WHERE UserID='????'");

$_SESSION['Viewed'] = 1;

}

 

However, I'm stumped on a couple things. Could you possibly help me out?

 

1. How can I get the script to recognize the link accessed's ID? E.g. when a user goes to userprofile.php?userid=1001, how can I get the script to identify the ID to update should be 1001? This is where the "????" would be replaced in the code.

2. On page load, the variable is always going to be $_SESSION['Viewed'] = 0, which isn't going to produce unique hits. Do you have any recommendations how I could achieve unique hits using this method?

 

Thanks very much for reading.

[CloudSex13]

Was having a blank on how to get the ID.

 

This should do it, right?

 

$userID = $_GET['userid'];

 

...and $userID would be what I'd need to use in the mysql_query strings?

[Pikachu2000]

If the user id comes in from the URL, or a form using the GET method, then yes. You'll want to take steps to sanitize it before allowing it into the query string however. Assuming its value is expected to be an integer:

 

if( isset($_GET['userid']) && ctype_digit($_GET['userid']) ) {
     $userID = (int) $_GET['userid'];
} else {
     // validation failed, so do something else, such as present an error message, etc.
}

[CloudSex13]

Pikachu2000,

 

Thanks very much for the help. That certainly does make sense... I didn't consider that the user could do SQL injection or something bad like that into the URL.

 

I do have a question about your code for learning purposes. I tried Googling it, but it didn't seem to help.

 

Where you have...

 

$userID = (int) $_GET['userid'];

 

What does the

(int)

do?

 

Thank you.

[CloudSex13]

I mean, should a session variable do the trick, or would anyone have any better ideas they could point me in the direction of?

[Pikachu2000]

The (int) forces, or casts the value as an integer data type. Consider:

 

$data = '34forty';
var_dump( (int) $data);
// returns 'int 34' showing data of integer type, value 34

[CloudSex13]

Thanks for explaining that out to me, Pikachu2000. I really appreciate that.

 

If anyone else has any sort of suggestion as to how I can approach my profile views script, please feel free to let me know. I've begun the process of pulling my hair out. x.x

[MasonPrice]

i think i can help you with this, but let me see if i understand what your trying to do first .......

do you want to add 1 count every time a user clicks on a userprofile link (userprofile.php?userid=1001 ect.) ????

[CloudSex13]

Thanks for your reply, MasonPrice.

 

In a nut-shell, yes. But I'm looking to add some sort of Session variable to prevent duplicate profile views. I don't want a user to be able to refresh they're profile and be able to add a count to it. Maybe I could prevent the user from doing this. Basically, a guest browser (someone without an account) - the session profile view should increase each visit.

 

Any suggestions and ideas are welcome. Thank you!

[MasonPrice]

i just wrote this while i was eating some ribs it works great!!!!

 

if you dont want them to refresh the page and keep adding +1 would need to add their ip address to your database

and kill the script if they already view'd the page on that day

 

if your still having trouble just let me know

<?php

include ("connect.php");

$query = mysql_query("SELECT * FROM view_counting");
while($roww = mysql_fetch_array($query))
{
$id = $roww["id"];
$username = $roww["pagename"];
$views = $roww["views"];
echo"<a href='simplecounter.php?id=$id&username=$username&views=$views'>$username</a><br>";
}

?>

<?php

$id = @$_GET['id'];
$views = @$_GET['views'];
$username = @$_GET['username'];

mysql_query("UPDATE view_counting SET views = '$views'+1 WHERE id = '$id' AND pagename= '$username'");

$sql = mysql_query("SELECT * FROM view_counting WHERE id = '$id' AND views = '$views'AND pagename= '$username'");
while($row = mysql_fetch_array($sql))
{
$id = $row["id"];
$username = $row["pagename"];
$views = $row["views"];
}
echo "$username you have $views ";
   


?>

[CloudSex13]

MasonPrice, I really, really, really want ribs now. Darn.

 

Anyway, thanks very much for the coding example. It's really spawned some great ideas on how I can approach the situation.

 

Thanks again!

[Pikachu2000]

Don't use @ in your code unless it's part of an email address. There's rarely (if ever) a valid reason to suppress an error rather than correct it.

[CloudSex13]

Thanks for the tip!

[MasonPrice]

@CloudSex13 no problem dude enjoy happy coding glad I could help