来自数据库的Unix_Timestamp
[英]Unix_Timestamp from database
问题描述
On my website I have made a automatic invoice system. 
在我的网站上,我制作了自动发票系统。 It will generate a invoice for a certain user from a certain month. 它将为某个月的特定用户生成发票。 You can select the user, month and year and then click generate. 您可以选择用户,月份和年份,然后单击“生成”。
But, In my MYSQL Database, I've stored the products the user ordered on date with a Unix Timestamp. 但是,在我的MYSQL数据库中,我使用Unix时间戳存储了用户在日期订购的产品。 now I want to load all the products from a certain month by checking if the Unix Timestamp matches. 现在我想通过检查Unix时间戳是否匹配来加载某个月的所有产品。 But it won't work. 但它不会起作用。
My code: 我的代码:
require "connect.php";
$create_by=$_GET['user'];
$jaar=$_GET['jaar'];
$maand=$_GET['maand'];
$number = cal_days_in_month(CAL_GREGORIAN, $maand, $jaar);
$result = mysql_query("SELECT *
FROM `mrbs_entry`
WHERE start_time >= UNIX_TIMESTAMP(".$jaar."-".$maand."-01)
AND start_time <= UNIX_TIMESTAMP(".$jaar."-".$maand."-".$number.")
AND create_by = '".$create_by".'
ORDER BY `start_time`, `room_id`");
The date is given through the link, like user, maand, jaar. 日期通过链接给出,如user,maand,jaar。
maand is the month, and jaar is the year. maand是月份,jaar是年份。
1 个解决方案
解决方案1
3 已采纳 2016-01-15 14:25:46
You didn't quote your date values within the query, so effectively you're building 您没有在查询中引用日期值,因此您正在构建
... WHERE start_time >= UNIX_TIMESTAMP(2016-01-15)
That's not a date value, it's a double mathematical subtraction, and you're really executing UNIX_TIMESTAMP(2000) , which is way back in 1970. 这不是一个日期值,它是一个双重数学减法,你真的在执行UNIX_TIMESTAMP(2000) ,这可以追溯到1970年。
WHERE start_time >= UNIX_TIMESTAMP('".$jaar."-".$maand."-01')
^-----------------------^
Note the indicated quotes. 请注意指示的引号。 And also note that you're wide open for sql injection attacks , so enjoy having your server pwn3d. 并且还要注意你对sql注入攻击很开放,所以喜欢你的服务器pwn3d。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.