Basically what this does is makes it so after the user presses a button, they have to wait 2 minutes to press it again. When you press it the first time, it works, then if you press it again before 2 minutes, it says "please wait 2 minutes." but after 2 minutes, you can press it as many times as you like without the error, not what I want. Here is the code
<?php
if('sub') {
$client = $_SERVER['REMOTE_ADDR'];
$username="user";
$password="pass";
$database="db";
mysql_connect(localhost,$username,$password);
$time = strtotime("2 minutes");
$now = strtotime("now");
#mysql_select_db($database) or die( "Unable to select database");
$query = "SELECT Time FROM log WHERE IP='$client'";
$result= mysql_query($query);
$num=mysql_num_rows($result);
while($rows=mysql_fetch_array($result)){
$timestamp = $rows['Time'];
}
echo n;
echo $now;
echo t;
echo $timestamp;
if($now < $timestamp)
{
echo "<center><h2 style=\"color:red\" class=\"texts\" id=\"homeLink\">Please wait 2 minutes.</h2></center>";
}
else{
//some other code
$query1 = "INSERT INTO log VALUES ('$client','$time','$username')";
$query2 = "UPDATE `log` SET `Time`='$time' SET `Username`='$username' WHERE `IP`='$client'";
if($num == 0)
{
mysql_query($query1);
}
else
{
mysql_query($query2);
}
mysql_close();
}
?>
As you can see, if there is no row for the IP of the user, it makes a new one, if there is it will update it. After the first time, it no longer works. Hope someone can help. Thanks!
Your update statement is a bit off, so the update fails;
UPDATE `log` SET `Time`='$time' SET `Username`='$username' WHERE `IP`='$client'"
You should only use SET once, like this;
UPDATE `log` SET `Time`='$time', `Username`='$username' WHERE `IP`='$client'"
I'm pretty sure your database does not contain entries you think it contains. Can you check it (IPs and stuff on after button press)?
Related
I am creating a website in php. I have a database called database1 I have the tables cooldown and my_table The cooldown table contains the columns time(type Timestamp default value CURRENT_TIMESTAMP) and ip(type int(30) default value none). At the end of my code I have mysqli_query($conn, "DELETE FROM cooldown WHERE time < NOW() - INTERVAL 5 MINUTE"); which should delete the row after 5 minutes, but it doesn't delete the row. Could this be because the user gets redirected so the php script stops working? Or do I miss something else?
Code:
//Test if it is a shared client
if (!empty($_SERVER['HTTP_CLIENT_IP'])){
$ip=$_SERVER['HTTP_CLIENT_IP'];
//Is it a proxy address
}elseif (!empty($_SERVER['HTTP_X_FORWARDED_FOR'])){
$ip=$_SERVER['HTTP_X_FORWARDED_FOR'];
}else{
$ip=$_SERVER['REMOTE_ADDR'];
}
//The value of $ip at this point would look something like: "192.0.34.166"
$ip = ip2long($ip);
//The $ip would now look something like: 1073732954
$query = mysqli_query($conn, "SELECT ip FROM cooldown WHERE ip = '$ip'");
$row = mysqli_fetch_array($query);
if ($row) {
//What page shall the bans be sent to?
header("Location: http://imnothere.epizy.com/cooldown.html"); //cooldownpage
exit();
} else {
$sql1= "SELECT links FROM my_table WHERE Type = 'spotify' ORDER BY RAND() LIMIT 1";
$result1 = $conn->query($sql1); //this actually runs the query on the DB, and comes back with a $result object
if($result1 === false) {
echo $conn->error();
}
$redirect = $result1->fetch_assoc()['links']; //this gets one row from the $result object, and then the 'links' column from that row.
header("Location: " . $redirect);
$sql = "INSERT INTO cooldown(ip, time) VALUES('$ip', NOW())";
$result = $conn->query($sql); //this actually runs the query on the DB, and comes back with a $result object
if($result === false) {
}
mysqli_query($conn, "DELETE FROM cooldown WHERE time < NOW() - INTERVAL 5 MINUTE");
}
Your SQL query won't delete the rows after 5 minutes, it will delete everything that is 5 minutes or older at the time of the request.
You're probably best moving that line of code to a separate file that is run by cron or setup an event in your db to do it say every minute or so.
U can with Cron job , supervisor or schedule time
Your SQL query almost as it
DELETE FROM cooldown WHERE time < NOW() - INTERVAL 5 MINUTE
If you want every five minutes, use either
*/5 * * * * fooo
I have a while loop with a sleep() function given below :
$employee = mysqli_query( $conn , "SELECT emp_id,emp_name FROM employee
WHERE DATE(datetime) = '$date' " );
if(mysqli_num_rows($employee) > 0){
while ($row = mysqli_fetch_array($employee)) {
$emp_id = $row['emp_id'];
$emp_name = $row['emp_name'];
$number = mysqli_query( $conn ,"SELECT phone_number FROM emp_phone_number
WHERE emp_id = '$emp_id' ");
if(mysqli_num_rows($number) > 0){
while ($row2 = mysqli_fetch_array($number)) {
sleep(2);
}
}
mysqli_query($conn , " INSERT INTO `emails`(`emp_id`, `email`) VALUES ('$emp_id','hello') ");
}
}
The Insert query is working fine without the sleep() function. But when I enable the sleep() function it does not working. Please suggest me the reason.
Where do you open Database connection using mysqli_connect() ? It may be due to Mysql connection timeout as you have sleep of every 2 second. Try using mysqli_connect() before the mysqli_query("Insert Query"); it will work.
The PHP sleep function takes a int argument which is seconds the execution should sleep.
You choose to sleep 2 seconds for each number of each employee.
I would think that the reason your code don't "work" is cause your execution time is so long due to the sleep call that you never see it finish.
Honestly, I cant see why you would ever want to use the sleep function in this case, and it looks quite strange that you just want to sleep a few seconds if a employee have a number or more...
Several people have suggested timeout errors. That seems likely. I would try catching any exceptions to find out what is really happening
$employee = mysqli_query( $conn , "SELECT emp_id,emp_name FROM employee
WHERE DATE(datetime) = '$date' " );
try{
if(mysqli_num_rows($employee) > 0){
while ($row = mysqli_fetch_array($employee)) {
$emp_id = $row['emp_id'];
$emp_name = $row['emp_name'];
$number = mysqli_query( $conn ,"SELECT phone_number FROM emp_phone_number
WHERE emp_id = '$emp_id' ");
if(mysqli_num_rows($number) > 0){
while ($row2 = mysqli_fetch_array($number)) {
sleep(2);
}
}
mysqli_query($conn , " INSERT INTO `emails`(`emp_id`, `email`) VALUES ('$emp_id','hello') ");
}
}
}
catch(\Exception $e){
die($e->getMessage());
}
I was able to do online status but works only for one user. When I login, it shows all users on users.php online even when they are offline.
Here is the Status Code:
session_start();
include_once 'db_connect.php' ;
if(isset($_SESSION['users'])) {
$setLogged= mysql_query("UPDATE `users` SET `lastlogin` = '$last' WHERE `id` = '".$_SESSION['users']."'") or die(mysql_error());
}
$last = strtotime(date('Y-m-d H:s'));
$loggedtime = time() - 300; // 5 minutes
if($last > $loggedtime) {
echo '<font color="green" size="3px">online</font>';
} else {
echo '<font color="red" size="3px">offline</font>';
}
?>
I need help on how to make it work for multiple users.
Thanks. ;)
You have to use something like this:
$query=mysql_query("SELECT id FROM users WHERE last_login>NOW()-INTERVAL 30 MIN");
while($array=mysql_fetch_assoc($query)){
//Do something with the id's or the info you get for user who have there last login
//in the last 30mins
}
As #Crisp says in the comment above your query for last_login should be updated too, you can use mysql now() function like this:
$setLogged= mysql_query("UPDATE `users` SET `lastlogin` = NOW() WHERE `id` = '".$_SESSION['users']."'") or die(mysql_error());
Note you have to stop using mysql_* as these functions are deprecated, start using PDO or mysqli
I am trying to set time limit in reservation system. Such that Users must
have the ability to remove their bookings, but not before the lapse of 1 minute away from the time when the booking has been entered
<?php
require_once 'connection.php';
if(isset($_SESSION['book'])){
if (isset($_SESSION['book_time'])){
if (time()-$_SESSION['book_time']>= 60){
if (isset($_POST['delete'])){
$machineID = $_POST['machine_id'];
$starttime = $_POST['start_time'];
$qry = "DELETE FROM bookings where machine_id = '$machineID' AND start_time = '$starttime'";
$result = mysql_query($qry,$conn);
if ($result){
if(mysql_affected_rows()>0){
$message[] = 'Booking Deleted form DB';
}
}
}
}
}
}
?>
but it couldn't remove even after 1 min with this script....what could be possible problem
Possible problems:
$_SESSION['book'] or $_SESSION['book_time'] or $_POST['delete'] is NULL
$machineID contains not exists ID
$starttime contains wrong time or time in wrong format
Try to dump this variables. If they are ok try to run query manualy.
There is a script that triggers the code below
I want to disallow executing the script more than once per 24 hours.
I wanted this script to store the last visit time in a table against the user id in a database, then do a time calculation and back them out until the 24 hour expiry time.
Can someone explain how to do this? It would be greatly appreciated if someone could help me with this?
<?php
//Input correct values into this section
$dbhost = '888888';
$dbuser = '888888';
$dbpass = '888888';
$dbname = '888888';
$dbtable = 'redeem';
$dbtable2 = 'playersthatvoted';
//------------------------------------
$input = 'diamond 12';
$player = $_POST['Player'];
$time = time();
if(!isset($_COOKIE['24Hourvote'])){
//---- This is the connection
$conn = mysql_connect ($dbhost, $dbuser, $dbpass) or die ('Error: ' . mysql_error());
mysql_select_db($dbname);
$query1 = "INSERT INTO `".$dbname."`.`".$dbtable."` (`player`, `item`) VALUES ('".$player."', '".$input."')";
$query2 = "INSERT INTO `".$dbname."`.`".$dbtable2."` (`player`, `time`) VALUES ('".$player."', '".$time."')";
mysql_query($query1);
mysql_query($query2);
$query= 'SELECT `player` FROM `playersthatvoted` ASC LIMIT 0, 10 ';
$result = mysql_query($query);
mysql_close($conn);
echo 'Done! Type /redeem in-game to get your diamonds.';
$ip=#$REMOTE_ADDR;
setcookie ("24Hourvote",$ip,time()+86400,'/',true,…
} else {
echo 'You have already voted today! Come back later...'; }
?>
EDIT: and could I make it so that it displays the time left until the user can vote again?
To me it looks like you already know what you have to do:
I wanted this script to store the last visit time in a table
against the user id in a database.Then do a time calculation and
back them out until the 24 hour expiry time.
So:
Forget about the cookie. It is stored on client side and can be manipulated.
Before count the vote check the [lastvisit] field of the current user.
If not set count the vote and set the [lastvisit] field in your table to the current date.
If set calculate the time span between now and the last vote. If bigger than 24 hours, count the vote and set the [lastvisit] field in your table to the current date.
Be aware of:
Manipulated parameters: $_POST['Player'];
SQL injections: VALUES ('".$player."', '".$input."')
If you have problems with one of these tasks then ask about the specific problem.
<?php
//Input correct values into this section
$dbhost = '888888';
$dbuser = '888888';
$dbpass = '888888';
$dbname = '888888';
$dbtable = 'redeem';
$dbtable2 = 'playersthatvoted';
//------------------------------------
$input = 'diamond 12';
$time = time();
if(!isset($_COOKIE['24Hourvote'])){
$ip = $_SERVER['REMOTE_ADDR'];
//---- This is the connection
$conn = mysql_connect ($dbhost, $dbuser, $dbpass) or die ('Error: ' . mysql_error());
mysql_select_db($dbname);
// Escape all user entered data always
$player = mysql_real_escape_string($_POST['Player']);
// Select time for this player if available
$query = "SELECT time FROM playersthatvoted WHERE player = '$player' ORDER BY time DESC LIMIT 0, 1";
$result = mysql_query($query);
if(mysql_num_rows($result) != 0)
{
$row = mysql_fetch_row($result);
$last_visit = $row[0];
$vote_allowed_time = $last_visit + 86400;
// Allowed to vote
if($time > $vote_allowed_time)
{
// Do whatever else you need to here ...
setcookie ("24Hourvote",$ip,time()+86400,'/');
}
else
{
echo 'This player has already voted today! Come back later...';
}
}
else
{
$query1 = "INSERT INTO `".$dbname."`.`".$dbtable."` (`player`, `item`) VALUES ('".$player."', '".$input."')";
$query2 = "INSERT INTO `".$dbname."`.`".$dbtable2."` (`player`, `time`) VALUES ('".$player."', '".$time."')";
mysql_query($query1);
mysql_query($query2);
$query= 'SELECT `player` FROM `playersthatvoted` ASC LIMIT 0, 10 ';
$result = mysql_query($query);
mysql_close($conn);
echo 'Done! Type /redeem in-game to get your diamonds.';
setcookie ("24Hourvote",$ip,time()+86400,'/');
}
} else {
echo 'You have already voted today! Come back later...'; }
?>
Note: Never trust the user input, always validate and escape the data.
Changed:
$player = $_POST['Player'];
to:
$player = mysql_real_escape_string($_POST['Player']);
Added:
// Select time for this player if available
$query = "SELECT time FROM playersthatvoted WHERE player = '$player' ORDER BY time DESC LIMIT 0, 1";
$result = mysql_query($query);
if($result)
{
$row = mysql_fetch_row($result);
$last_visit = $row[0];
$vote_allowed_time = $last_visit + 86400;
// Allowed to vote
if($time > $vote_allowed_time)
{
// Do whatever else you need to here ...
setcookie ("24Hourvote",$ip,time()+86400,'/');
}
else
{
echo 'This player has already voted today! Come back later...';
}
}
else
{
...
}
UPDATE
I would like to highlight the fact that as it stands anyone can enter the player name and try to vote for it and that does not necessarily mean the same user who clicks the vote button.
Additionally the IP address is not being used for any purposes, it may be an idea to use this for further permission/security checks.