I'm making a system to save users' IPs into a table along with the last time they posted something.
First, I check for an already-existent record of the user's IP with
SELECT lastpost FROM users WHERE ip = '$IP'
I then check whether the result of that query is empty, and if it is it means that the user's IP is not present and it should be recorded, so I proceed by doing this query:
INSERT INTO users (ip, lastpost) VALUES ('$IP', '$ctime')
Where $IP is the user's IP fetched using $_SERVER['REMOTE_ADDR'] and $ctime is a time string created using date("Y-m-j H:i:s").
Even though after performing the latter query the data is present into the table, I keep getting the error
SQLSTATE[HY000]: General error
Which is, by itself, not very helpful. I'd like to understand what I'm doing wrong here. Thanks in advance.
P.S.: I'll use this question to also ask how I could compare, using a query, the time I have calculated with PHP's date() with the time already present in the table (of type "datetime") to see if the one calculated with date() is greater than the one in the database by at least one minute.
I would first try to cast $ctime as a datetime CAST('$ctime' AS DATETIME) to see if that works.
For testing minute difference use TIMEDIFF().
SELECT IF(TIMEDIFF(CAST('$ctime' AS DATETIME), lastpost) > CAST('00:01:00.000000' AS DATETIME), /*do this*/, /*else do this*/)
This will return a time difference. If the time difference is negative, $ctime is earlier than lastpost. But you can get into pretty fine granularity here.
See if the above helps.
(Oh, I found all of this via Google and searching for mysql and datediff, timediff, or cast.)
Related
I've been trying to add in an expiry for password reset requests.
When the user requests a password request at the moment, it stores an expiration date in the database as NOW() + INTERVAL 2 DAY - so exactly 2 days from now.
When the user comes back to the page by following their reset link, it checks the reset key exists and then runs a series of if statements, one of which I want to test whether the current DateTime is greater than that of which is in the database and if it is then display an error message.
I've tried a raft of ways as most tend to suggest using SQL to evaluate this. The most recent and most popular from what I've found was to do the following:
"SELECT *, DATE(`Expiration`) > DATE(NOW()) AS is_current FROM password_reset WHERE Reset_link='$key'"
This way you could then feed the results in to a variable and test it in the if statement as is_current would either be 0 or 1, i.e:
if ($result_check_row['is_current']){
echo '<div class="warning">Your password reset request has now expired. Please request a new one by completing the form again.''</div>';
}
I haven't had any luck with this, or any of the other things I've tried which include creating a timestamp via PHP to test against this.
Can anyone see where I am going wrong or suggest a good alternative?
try this query, it will produce date difference between current date and expiry date...
SELECT DATEDIFF(DATE(`Expiration`), DATE(NOW())) AS DiffDate FROM password_reset WHERE Reset_link='$key'"
I've been tinkering with PHP lately (self-taught, no formal training), trying to understand how to grab data from a database and display the data somewhere. So far I have learned quite a bit, but now I am stumped.
I have a list of about 200 users in my local database in a table called site_members. The table has three fields: id, name, birth_date. Via PHP, I want to display all the users on a webpage, and have something like "Birthday soon!" be mentioned right after their name. Something like this:
John Smith (Birthday soon!)
I haven't written the code to do this, because I usually write pseudocode first before actually diving into the coding part. Here's the pseudocode:
Get the current date and time and convert it to Unix timestamp
Start foreach loop and go through list of users
Query the database table, get the birthdate of a user by their id, and store it in a variable named bdate.
Convert bdate to Unix timestamp
Subtract the current date from bdate, convert it into days remaining, and store it in a variable called remaining_days.
If the user's bdate is within 15 days (remaining_days is less than 15)
Display their name, followed by (Birthday soon!)
otherwise
Just display their name only
End if
End foreach loop
Here's my problem: With the above pseudocode once translated into actual code, there would be a database query made every time in that foreach loop. Some of the tutorials I consulted mentioned I should avoid that for efficiency reasons, and it makes sense. I ran Google searches to find something similar, but that didn't do much. I do not want anyone to write any actual code for me. I just want a better solution to the querying.
Thanks in advance!
I think your concept for the pseudo code is right, and you're understanding of doing multiple database queries is also right, you just tangled the two into giving you a wrong idea.
If you construct your select statement properly (that's basically what you'd be using to access the database), you actually pull the information for everyone out of the database and store it once in an array (or some other form of object). You can then start your foreach loop using the array as your value and perform the rest of your checks that way.
$date = date("m.d.y");
$people = ** insert your commands to grab the info from the DB **
foreach($people as $person) {
// do your comparison checks and echo's etc in here
}
Does this make sense?
There can be two solutions to your problem:-
1:
Instead of making query for every user, first get the data for all the users.
Traverse the data using foreach loop php
Do the processing and display the results.
2:
Store the user date_of_birth in proper mysql date datatype
Change your mysql query to use date function to get all the users who match your date difference criteria and just display those users.
It seems you failed to read up properly on the relationship between SQL and PHP. If you actually posted code, then you could have been easily unstumped because there are many ways to do the simple task from legacy tutorials to current PDO or even MVC within in 5mins or less.
I'm not going to write the code but you need to change HOW you think in your "pseudo code".
The problem with your pseudo code is because you believe that the DB is not smart and you are doing it as if it was only for storage.
The correct pattern for PHP is the following:
1) use the Date function to retrieve current day + 15. Get month and
day only.
2) you make a SQL query that retrieve all users who's
birth_date field's month and day are GREATER THAN (or equal) to
TODAY and who are less than or equal to today + 15 (day and month
only)
3) execute the query.
4) with the returned data set (if any)
you can choose two path depending situation and design
a) you can loop it with a simple FETCH which fetch each row retrieve
and display name and extra message.
or
b) iterates through the result set and store the display message
into a variable and then finally display it once the iteration is
done.
(option b is prefered because its more flexible since you can use this technique to out into a file instead of an echo)
THIS pseudo-code ensures that you are only retrieve the correct data set with the aid of the SQL system (or storage system).
In terms of overall process, aashnisshah is absolutely correct. First, you should retrieve all the records you need from your database then loop through each row to do your data comparisons and finally close the loop.
As for finding out if their birthday is close and if you want MySQL to do the hard work, you can build your query like that in PHP:
$query = "SELECT *, DATEDIFF(DATE_FORMAT(dob, '" . date('Y') . "-%m-%d'), CURDATE()) AS days_to_dob FROM Members";
The idea is to fetch an extra column called 'days_to_dob' containing the amount of days until that person's date of birth. Note that it will be negative if that date has passed for this year. With that extra column you can easily evaluate whether their dob is within 15 days.
If you don't want any php code, then here is my pseudocode:
Get date and time -> UTC stamp and store in $time_current
Get all from site_members and store in $data
for each entry in $data, store in $record
get birth_date from $record and convert to utc stamp and store in $birthday
print name from $record
if $birthday is close to $time_current then print "Birthday soon" end if
print new line
end for
That performs only one request to your database.
I work on a site where visitors can create an account, and to do so, they have to confirm their email adresses in the end of the process.
Before the account is created, the entered values such as email, pass etcetc are kept in a special table temporarily. That means a visitor has an hour to open their email and klick the link, or else that row will be deleted, to prevent "garbage" from bots and evil or simply overlazy people.
My idea was to let the users clean up the mess, and this is how: when a user klick the link sent to them, the row in the table with temporarily stored values is moved to the actual table for members, and another function will clean up rows that are "outdated", that is, who are inserted more than one hour ago.
This is my current code:
$stmt3 = $dbc->prepare('DELETE FROM temp_storage WHERE time() - time > 3600');
$stmt3->execute();
(time is the column with the time when the row was inserted is stored)
However this code is appareantly not working. I know I could do a workaround with SELECT FROM temp_storage and then check if the row is inserted too long ago, but I thought that, why would it be impossible to do it this way?
Now my question is, is it, or am I doing it the wrong way?
TIME() in MySQL does not give you the current time, it strips the "time portion" from a timestamp. You are looking for a different time function, probably UNIX_TIMESTAMP() if that is how you are storing your timestamps in the table.
Review MySQL date and time functions here: http://dev.mysql.com/doc/refman/5.1/en/date-and-time-functions.html
The function you're using to get the current time is not correct. It's not time() it's now().
If you check what $pdo->errorInfo() returns you'll see an error message.
In light of your comments about echo time() i get what you wanted to do but in order for that to work you should have written the following:
$stmt3 = $dbc->prepare('DELETE FROM temp_storage WHERE '.time().' - time > 3600');
$stmt3->execute();
By doing this you're using the return value of PHP's time() function to build a string which will then be sent to MySQL to be executed as a query.
You have to understand the difference between PHP-realm and SQL-realm code:
PHP only constructs text strings. It patches together various words an letters to compose a string. PHP doesn't even care what that string is for.
PHP can never look into that string and say "hey this is some good SQL queries right here".
What it can do is send the text you composed to an SQL server; the sql server will try and execute the text as if if were a corect SQL language statement.
If it hits errors it'll report them back to PHP if not it returns the results to PHP. In any case the SQL statements are strings and they get composed before being actually sent to the server.
"Interrupting" a string and concatenating another string to it such as "me"."&"."you" is just part of the process of building the string before sending it to the SQL server.
Try this:
$stmt3 = $dbc->prepare('DELETE FROM temp_storage WHERE UNIX_TIMESTAMP(NOW()) - UNIX_TIMESTAMP(time) > 3600');
I assume the entry_dt column is a datetime column.
where CURRENT_TIMESTAMP - interval 1 HOUR > entry_dt
You should avoid naming columns the same as sql functions and keywords
ref
http://dev.mysql.com/doc/refman/5.5/en/date-and-time-functions.html
I'll explain my goal first: I want the user to query the database, and return rows only if those rows have been updated since their last query. No sense returning data they'd already have. So I created a column called 'lastupdated', a timestamp type which autoupdates every time any content in the row is updated. This works fine. Now, I want to form the query correctly. The user will have their previous query's timestamp saved, and via php will use it to compare their previous query's time with the time each row has been updated. If the row was updated after their last query, the row should be returned.
I made something like this,
SELECT * FROM users WHERE '2011-02-26 01:50:30' <= lastupdated
but its obviously much too simple. I checked the MySQL manual and found this page MySQL Time/Date Page. I'm sure the answer is here, but I've read through it any nothing really makes sense. I have a timestamp in the same format used by the MySQL timestamp type, but I don't know how I will compare them. Thank you very much for your help.
That query is exactly how you'd do it. As long as a stringified date-time is in MySQL's preferred format (yyyy-mm-dd hh:mm:ss), then it will be internally converted into a datetime value, and the comparisons will go ahead.
You'd only need the date/time functions you found if you want to do something more complicated than simple "greater/less than/equal" type comparison, e.g. "any records that have a December timestamp".
As Marc said, your code should work. But you probably want to do this programmatically with a variable for the time instead of the literal.
If you don't have the date-time specified as a string, but rather as a timestamp (e.g. from using the php time() function), then you can use the following query:
$query = "SELECT * FROM users WHERE FROM_UNIXTIME(" . $timestamp . ") <= lastupdated";
The key is the FROM_UNIXTIME() MySQL function.
I have a mysql database, or more specific, a mysql table which I store IP adresses in.
This is because I limit the nr of messages being sent from my website.
I simply check if the IP is in the table, and if it is, I tell the user to "slow down".
Is there any way to make this MySql table only store a row (a record) for x minutes?
Other solutions are also appreciated...
No, but you can use a TIMESTAMP field to store when the row was inserted / modified and occasionally delete rows that are older than x minutes.
DELETE FROM your_table
WHERE your_timestamp < NOW() - interval 5 minute
To solve your actual problem though, I'd suggest having a table with a row for each user and the last time they sent a message. Assuming it is indexed correctly and your queries are efficient you probably won't ever need to delete any rows from this table, except perhaps if you use a foreign key to the user table and delete the corresponding user. When a user sends a message insert a row if it already exists, otherwise update the existing row (you can use for example the MySQL extension REPLACE for this if you wish).
I would recommend that you add a WHERE clause concerning time to the SELECT "simply check if the IP is in the table"
SELECT * FROM table WHERE ip = <whatever> and timestamp > NOW() - 3*60
Then maybe empty out that table once every night.
I'd make a column that has the timestamp of the last sent message and another that has the total number of posts. Before updating the table check if at least X minutes has passed since the last post. If so, change the total number of posts to 1, otherwise increment the value by 1.
One approach that doesn't involve deleting the IP addresses after a certain interval is to store the addresses as "temporal" data, i.e. records that are only valid for a certain period.
Simplest way to do that would be to add a timestamp column to the table and, when entering an IP, capture either the time it was entered into the table, or the time after which it is no longer being "limited".
The code that grabs IPs to be limited then checks the timestamp to see if it's either:
older than a certain threshold (e.g. if you recorded the IP more than an hour ago, ignore it) or
the current time is greater than the expiry date stored there (e.g. if an IP's timestamp says 2010-11-23 23:59:59 and that is in the past, ignore it)
depending on what you choose the timestamp to represent.
The other solutions here using a timestamp and a cron job are probably your best option, but if you insist on mysql handling this itself, you could use Events. They're like cron jobs, except mysql handles the scheduling itself. It requires 5.1+ though.