I work on a site where visitors can create an account, and to do so, they have to confirm their email addresses at the end of the process.
Before the account is created, the entered values such as email, pass etc. are kept in a special table temporarily. That means a visitor has an hour to open their email and click the link, or else that row will be deleted, to prevent “garbage” from bots and evil or simply overlazy people.
My idea was to let the users clean up the mess, and this is how: when a user clicks the link sent to them, the row in the table with temporarily stored values is moved to the actual table for members, and another function will clean up rows that are “outdated”, that is, which were inserted more than one hour ago.
This is my current code:
$stmt3 = $dbc->prepare('DELETE FROM temp_storage WHERE time() - time > 3600');
$stmt3->execute();
(time is the column where the time when the row was inserted is stored)
However, this code is apparently not working. I know I could do a workaround with SELECT FROM temp_storage and then check if the row was inserted too long ago, but I thought, why would it be impossible to do it this way?
Now my question is, is it, or am I doing it the wrong way?
The function you’re using to get the current time is not correct. It’s not time(), it’s now(). If you check what $pdo->errorInfo() returns you’ll see an error message.
In light of your comments about echo time() I get what you wanted to do but in order for that to work you should have written the following:
By doing this you’re using the return value of PHP’s time() function to build a string which will then be sent to MySQL to be executed as a query.
You have to understand the difference between PHP-realm and SQL-realm code:
PHP only constructs text strings. It patches together various words and letters to compose a string. PHP doesn’t even care what that string is for.
PHP can never look into that string and say “hey this is some good SQL queries right here”.
What it can do is send the text you composed to an SQL server; the SQL server will try and execute the text as if it were a correct SQL language statement.
If it hits errors it’ll report them back to PHP; if not, it returns the results to PHP. In any case the SQL statements are strings and they get composed before being actually sent to the server.
“Interrupting” a string and concatenating another string to it such as "me"."&"."you" is just part of the process of building the string before sending it to the SQL server.
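The cleanup-on-confirm flow from the question, as an added example that is not part of the original question or answer: the cutoff is computed in PHP and passed to the prepared statement as a bound value, and the confirmation step checks the row's age itself instead of relying on the purge having run. Only temp_storage and its time column come from the page; the token, email and pass_hash columns, the members table, the function names and the in-memory SQLite database are assumptions, as is time holding a Unix timestamp.

```php
<?php
// Added example. Only temp_storage and its `time` column come from the question;
// the other columns, the members table and the tokens are hypothetical.
// Assumes `time` holds a Unix timestamp, as the question's arithmetic implies.
const PENDING_TTL = 3600; // one hour

function purgeExpired(PDO $dbc, int $now): int
{
    // The cutoff is computed in PHP and travels as a bound value, not as SQL text.
    $stmt = $dbc->prepare('DELETE FROM temp_storage WHERE time < :cutoff');
    $stmt->execute([':cutoff' => $now - PENDING_TTL]);
    return $stmt->rowCount();
}

function confirmAccount(PDO $dbc, string $token, int $now): bool
{
    $dbc->beginTransaction();
    try {
        // Check the age here too, so an expired link fails even if no purge has run yet.
        $sel = $dbc->prepare('SELECT email, pass_hash FROM temp_storage
                              WHERE token = :token AND time >= :cutoff');
        $sel->execute([':token' => $token, ':cutoff' => $now - PENDING_TTL]);
        $row = $sel->fetch(PDO::FETCH_ASSOC);
        if ($row !== false) {
            $dbc->prepare('INSERT INTO members (email, pass_hash) VALUES (:email, :pass_hash)')
                ->execute([':email' => $row['email'], ':pass_hash' => $row['pass_hash']]);
            $dbc->prepare('DELETE FROM temp_storage WHERE token = :token')
                ->execute([':token' => $token]);
        }
        purgeExpired($dbc, $now); // opportunistic cleanup on every confirmation
        $dbc->commit();
        return $row !== false;
    } catch (Throwable $e) {
        $dbc->rollBack();
        throw $e;
    }
}

// Constructed demo data in an in-memory SQLite database.
$dbc = new PDO('sqlite::memory:');
$dbc->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION); // SQL errors throw
$dbc->exec('CREATE TABLE temp_storage (token TEXT PRIMARY KEY, email TEXT, pass_hash TEXT, time INTEGER)');
$dbc->exec('CREATE TABLE members (email TEXT, pass_hash TEXT)');
$now = time();
$ins = $dbc->prepare('INSERT INTO temp_storage VALUES (?, ?, ?, ?)');
$ins->execute(['tok-fresh', 'a@example.test', password_hash('pw1', PASSWORD_DEFAULT), $now - 60]);
$ins->execute(['tok-stale', 'b@example.test', password_hash('pw2', PASSWORD_DEFAULT), $now - 7200]);
var_dump(confirmAccount($dbc, 'tok-fresh', $now));
var_dump(confirmAccount($dbc, 'tok-stale', $now));
```

Cleanup that only runs when someone confirms never runs if nobody does, so a scheduled call to the purge function is still worth having alongside it.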