
I wrote this code for my Telegram bot to check how many posts each user makes in a group:

// Use the chat id (with surrounding "-" stripped) as the name of a per-chat table
$trimmedID = trim($chatId,"-");
// Probe the per-chat table; mysql_query() returns false if it does not exist yet
$chat_run = mysql_query("SELECT user_id FROM `$trimmedID`");
// A missing table (false) or a table with fewer than two rows takes the else branch
if(mysql_num_rows($chat_run) > 1) {
    // Look up this user's current post count
    $query_post = "SELECT `post` FROM `$trimmedID` WHERE `user_id`='$chatMID'";
    $query_post_run = mysql_query($query_post);
    if(mysql_num_rows($query_post_run) == 0)
    {
        // First post by this user in this chat: insert a row with post = 1
        $query="INSERT INTO `$trimmedID` VALUES('1','$chatMID','$firstname','$lastname','$username')";
        mysql_query($query);
    }else{
        // Existing user: read the count, add one in PHP, write it back
        $post = mysql_fetch_assoc($query_post_run);
        $count = $post['post']+1;
        $query="UPDATE `$trimmedID` SET `post`='$count' WHERE `user_id`='$chatMID'";
        mysql_query($query);
    }
}else{
    // Create the per-chat table (fails silently if it already exists) and insert the first row
    $create_TB = "CREATE TABLE `$trimmedID` (
    post int (100) NOT NULL,
    user_id int (20) NOT NULL PRIMARY KEY,
    firstname varchar (100) NOT NULL,
    lastname varchar (100) NOT NULL,
    username varchar (100) NOT NULL
    )";
    mysql_query($create_TB);
    $query="INSERT INTO `$trimmedID` VALUES('1','$chatMID','$firstname','$lastname','$username')";
    mysql_query($query);
}

First it checks whether the table exists or not, then it checks for the user's existence; finally, if the user exists, it increases their number of posts with an UPDATE in MySQL.

The post value for some users increases by itself without a clear reason. How can I solve this problem?

  • First thing, your code is open to an SQL injection attack, and you're using mysql, which is deprecated; better switch to PDO or MySQLi with prepared statements. – S4NDM4N Aug 14 '17 at 07:53
  • 1. **Don't** use the **deprecated and insecure** _mysql_*-functions. They have been deprecated since PHP 5.5 (in 2013) and were completely removed in PHP 7 (in 2015). Use MySQLi or PDO instead. 2. You are **wide open to** [SQL Injections](http://php.net/manual/en/security.database.sql-injection.php) and should really use [Prepared Statements](http://php.net/manual/en/mysqli.quickstart.prepared-statements.php) instead of concatenating your queries, which can be used if you use the above-mentioned MySQLi or PDO. – Milan Chheda Aug 14 '17 at 07:59
  • Could it be that using `$count = $post['post']+1;` is vulnerable to a user modifying the value of `post` to an arbitrary value and thus the count increases by that value? Also, why have the ability to create tables like this? – Professor Abronsius Aug 14 '17 at 08:00
  • Where is this script? How/when does it run? – Amit Joshi Aug 14 '17 at 08:07
  • It's the else part of the code; it seems to increment by one each time the code runs, as @RamRaider said. – S4NDM4N Aug 14 '17 at 08:10
  • Every time someone posts or sends a value to the bot, this code runs. – reza hornet Aug 14 '17 at 08:32
  • Users cannot access the code... they don't know the bot gets values. – reza hornet Aug 14 '17 at 08:36
  • How does the user post or send a value to this bot? Using AJAX? Is AJAX being called on a button click? – Amit Joshi Aug 14 '17 at 08:59
  • Users send it in the Telegram app. – reza hornet Aug 14 '17 at 09:58
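
As an added example (not code from the question or from any of the commenters), here is the same counter rewritten the way the comments recommend: PDO with prepared statements instead of the removed mysql_* functions, one shared table keyed by (chat_id, user_id) instead of a table per chat so the chat id is only ever bound as a value and never spliced into an identifier, and a single atomic INSERT ... ON DUPLICATE KEY UPDATE in place of the SELECT, INSERT and UPDATE sequence. The table name post_counts, the DSN and the credentials are assumptions; the sample chat and user ids at the bottom are constructed.

```php
<?php
// Added example, not the asker's code. Assumes a MySQL/MariaDB database reachable
// through the DSN below; the table name post_counts and its columns are assumptions.
declare(strict_types=1);

function connect(string $dsn, string $user, string $pass): PDO
{
    $pdo = new PDO($dsn, $user, $pass, [
        PDO::ATTR_ERRMODE          => PDO::ERRMODE_EXCEPTION, // fail loudly, not silently
        PDO::ATTR_EMULATE_PREPARES => false,                  // real server-side prepares
    ]);
    // One table for every chat: the chat id is data, never part of the SQL text.
    // Telegram ids can be negative (groups) and exceed 32 bits, hence BIGINT.
    $pdo->exec(
        'CREATE TABLE IF NOT EXISTS post_counts (
            chat_id   BIGINT       NOT NULL,
            user_id   BIGINT       NOT NULL,
            firstname VARCHAR(100) NOT NULL,
            lastname  VARCHAR(100) NOT NULL,
            username  VARCHAR(100) NOT NULL,
            post      INT UNSIGNED NOT NULL DEFAULT 1,
            PRIMARY KEY (chat_id, user_id)
        )'
    );
    return $pdo;
}

/**
 * Record one post by $userId in $chatId and return the user's new count.
 * The increment happens inside the database in one statement, so two webhook
 * requests handled at the same time cannot both read the same old value.
 */
function recordPost(PDO $pdo, int $chatId, int $userId,
                    string $firstname, string $lastname, string $username): int
{
    $stmt = $pdo->prepare(
        'INSERT INTO post_counts
            (chat_id, user_id, firstname, lastname, username, post)
         VALUES (:chat, :user, :first, :last, :uname, 1)
         ON DUPLICATE KEY UPDATE
            post      = post + 1,
            firstname = VALUES(firstname),
            lastname  = VALUES(lastname),
            username  = VALUES(username)'
    );
    // Every user-controlled value is bound; names like "O'Brien" or a username
    // containing a quote are stored verbatim instead of breaking the query.
    $stmt->bindValue(':chat',  $chatId,    PDO::PARAM_INT);
    $stmt->bindValue(':user',  $userId,    PDO::PARAM_INT);
    $stmt->bindValue(':first', $firstname, PDO::PARAM_STR);
    $stmt->bindValue(':last',  $lastname,  PDO::PARAM_STR);
    $stmt->bindValue(':uname', $username,  PDO::PARAM_STR);
    $stmt->execute();

    $count = $pdo->prepare(
        'SELECT post FROM post_counts WHERE chat_id = :chat AND user_id = :user'
    );
    $count->execute([':chat' => $chatId, ':user' => $userId]);
    return (int) $count->fetchColumn();
}

// Usage with constructed sample values (a Telegram group chat id is negative).
// Credentials are placeholders.
$pdo = connect('mysql:host=localhost;dbname=bot;charset=utf8mb4', 'bot', 'secret');
$newCount = recordPost($pdo, -1001234567890, 123456789, 'Ada', 'Lovelace', 'ada');
echo "posts so far: {$newCount}\n";
```

In a webhook handler the arguments come from the update's message.chat.id and message.from fields, cast to int and string as above; if a field such as username is absent, pass an empty string rather than letting an undefined variable reach the query. Because the increment is now a single statement, no per-chat CREATE TABLE or row-count probe is needed, and the "fewer than two rows means the table is missing" check in the original disappears along with the identifier injection it relied on.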

0 Answers