Home/ Questions/Q 6998357
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-05-27T20:24:05+00:00

What I’m doing with this code is checking the database for a date that

  • 0

What I’m doing with this code is checking the database for a date that ends editing(Say Today’s date is 12/30/11 last date for edits was or is 12/12/10 = LOCKED or Todays date is 12/30/11 last date for edits was or is 12/12/13 = UNLOCKED & forwarded to edit site)

So with that in mind here’s the problem: the code i have always says your account is locked no matter the lock date and i am at a lost for a solution :(.

By the way please keep in mind that the headers have already been sent by this point.

<?php
$id = $_GET['id'];
// Define MySQL Information.
$mysqlhost="***************"; // Host name of MySQL server.
$mysqlusername="**********"; // Username of MySQL database. 
$mysqlpassword="*********"; // Password of the above MySQL username.
$mysqldatabase="*************"; // Name of database where the table resides.
// Connect to MySQL.
mysql_connect("$mysqlhost", "$mysqlusername", "$mysqlpassword")or die("Could not connect to     MySQL.");
mysql_select_db("$mysqldatabase")or die("Could not connect to selected MySQL database.");

$infosql = "SELECT * FROM premiersounds_users WHERE customer_id = $id";
$inforesult = mysql_query($infosql) or die(mysql_error());
$info = mysql_fetch_array($inforesult);


$l_date=$info['lockout_date'];

//Get current date from server
    $format="%m/%d/%y";
$c_date=strftime($format);
//set sessions
$_SESSION['current_date'] = $c_date;
$_SESSION['lockout_date'] = $l_date;

//Check is Current date = lockout date
if ($c_date <= $l_date) { header("location:/planner_scripts/documnet_editors    /edit_weddingplanner.php?id=$id"); } else {echo 'Whoops! Were sorry your account has been locked to edits because your event is less than 48 hours from now or your event has passed. To make changes to your event please contact your DJ.'; echo'<br/>'; echo ' Todays Date: ';echo $c_date; echo ','; echo ' Last Date for edits: '; echo $l_date;}
?>
<?php
//Destroy Session for Lockout Date to prevent by passes
unset($_SESSION['lockout_date']);
?>
Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    A couple of things …

    1. The code as it was posted is massively open to SQL-injection
      attacks. You should always sanitize user data before including it in
      a db query. I add a mysql_escape_string() call in the code below
      to prevent this as well as mention a simple integer cast. There are
      other ways to accomplish this. You can learn how by searching SO on
      the topic.
    2. One easy way to compare dates is to use PHP’s DateTime class.
      The code below creates instances of DateTime … one for the
      current date and one from the lockout date retrieved from the
      database. Once you have these objects, you can compare the two.
    <?php
$id = $_GET['id'];
// Define MySQL Information.

$mysqlusername=""; // Username of MySQL database. 
$mysqlpassword=""; // Password of the above MySQL username.
$mysqldatabase=""; // Name of database where the table resides.
// Connect to MySQL.
mysql_connect("$mysqlhost", "$mysqlusername", "$mysqlpassword")or die("Could not connect to     MySQL.");
mysql_select_db("$mysqldatabase")or die("Could not connect to selected MySQL database.");

// IMPORTANT: PREVENT SQL INJECTION
$id = mysql_escape_string($id);
// Or, if $id is supposed to be an integer just do this ...
// $id = (int) $id;

$infosql = "SELECT * FROM premiersounds_users WHERE customer_id = $id";
$inforesult = mysql_query($infosql) or die(mysql_error());
$info = mysql_fetch_array($inforesult);

//Get current date from server
$c_date = new DateTime();
$l_date = new DateTime($info['lockout_date']);

//Check is Current date = lockout date
if ($c_date->format('Y-m-d') <= $l_date->format('Y-m-d')) {
  header("location:/planner_scripts/documnet_editors/edit_weddingplanner.php?id=$id");
} else {
  echo 'Whoops! Were sorry your account has been locked to edits because your event is less than 48 hours from now or your event has passed. To make changes to your event please contact your DJ.';
  echo'<br/>';
  echo ' Todays Date: ';
  echo $c_date;
  echo ',';
  echo ' Last Date for edits: ';
  echo $l_date;
}

?>
    • 0