如何根据当前时间从数据库中选择

Question

I am making a school portal system and right now I am making the page for students to view homework.我正在制作一个学校门户系统，现在我正在制作页面供学生查看作业。 I want their homework to be highlighted in red, or not shown at all if the current date is past the due date.我希望他们的作业以红色突出显示，或者如果当前日期超过截止日期，则根本不显示。 How can I do this?我怎样才能做到这一点？ My code for the page我的页面代码

<?php
//including the database connection file
include_once("connection.php");
    $id= $_GET['id'];


//fetching data in descending order (lastest entry first)
$result = mysqli_query($conn, "SELECT * FROM homework where class_id= '$id'"); 

?>

<html>
<head>    
    <title>View IS</title>
</head>

<body>

    <table width='80%' border=0>
        <tr bgcolor='#CCCCCC'>
            <td>Task</td>
            <td>Date Set </td>
            <td>Date Due </td>
        </tr>
        <?php 
        //while($res = mysql_fetch_array($result)) 
        while($res = mysqli_fetch_array($result)) {         
            echo "<tr>";
            echo "<td>".$res['description']."</td>";
            echo "<td>".$res['dateset']."</td>";
            echo "<td>".$res['datedue']."</td>";

        }
        ?>
    </table>
</body>

Database:数据库：

Answer 1

You should use parameterized prepared statements instead of manually building your queries.您应该使用参数化的预准备语句，而不是手动构建查询。

I have used the date function to compare the dates if the date is greater then I've put some style while in else there is no style.我已经使用日期函数来比较日期，如果日期大于那么我已经放置了一些样式，而其他则没有样式。 I have gave you the idea now you can modify accordingly.我已经给了你这个想法，现在你可以相应地修改。

    <table width='80%' border=0>
            <tr bgcolor='#CCCCCC'>
                <td>Task</td>
                <td>Date Set </td>
                <td>Date Due </td>
            </tr>
            <?php 
            //while($res = mysql_fetch_array($result)) 
    $current_date=date("Y-m-d");
            while($res = mysqli_fetch_array($result)) { 


            if($current_date > $res['datedue'] ){

?>
<tr style='color:red;'>;
<?php

    }else {
    <tr>
    }

                echo "<td>".$res['description']."</td>";
                echo "<td>".$res['dateset']."</td>";
                echo "<td>".$res['datedue']."</td>";
    </tr>
            }
            ?>
        </table>

Reference参考

Answer 2

Instead of a query , use a prepared statement with bind_param which is much safer.而不是query ，使用带有bind_param的prepared statement ，这更安全。 Then just compare the dates to check if $res['datedue'] passed or not.然后只需比较日期以检查$res['datedue']通过。 This should be it:应该是这样的：

<?php
    include_once("connection.php"); //including the database connection file
    date_default_timezone_set('America/Los_Angeles');    //set the default time zone to your time zone (this is just an example)
    $result = $conn->prepare("SELECT * FROM homework WHERE class_id=?");
    $result->bind_param("i", (int)$_GET['id']);
    $result->execute();
    $result2 = $result->get_result();
?>
<html>
<head>    
    <title>View IS</title>
</head>
<body>
    <table width='80%' border=0>
        <tr bgcolor='#CCCCCC'>
            <td>Task</td>
            <td>Date Set </td>
            <td>Date Due </td>
        </tr>
        <?php
            while($res = $result2->fetch_array(MYSQLI_ASSOC)) {   
                if (date("Y-m-d") > $res['datedue']) {
                    echo "<tr style=\"color: red;\">";
                        echo "<td>".$res['description']."</td>";
                        echo "<td>".$res['dateset']."</td>";
                        echo "<td>".$res['datedue']."</td>";
                    echo "</tr>";
                } else {
                    echo "<tr>";
                        echo "<td>".$res['description']."</td>";
                        echo "<td>".$res['dateset']."</td>";
                        echo "<td>".$res['datedue']."</td>";
                    echo "</tr>";
                }
            }
        ?>
    </table>
</body>

You could also use $time = new DateTime;您也可以使用$time = new DateTime; and then $time->format("Ymd") instead of date("Ymd") .然后$time->format("Ymd")而不是date("Ymd") 。

More about time zones. 更多关于时区的信息。

Answer 3

Don`t use concated raw SQL.不要使用连接的原始 SQL。

Use variable binding to prevent SQL injections.使用变量绑定来防止 SQL 注入。

<?php
$stmt = $mysqli->prepare("SELECT * FROM homework where class_id= ?");
$stmt->bind_param('i', (int)$_GET['id']); // bind vairable and cast it to integer (it is a good practice when you get data from outside)
$stmt->execute();
$result = $stmt->get_result();
while($res = $result->fetch()){
  // Your code here
  var_dump($res);
}

I will suggest using PDO instead of mysqli .我会建议使用PDO而不是mysqli 。 You can read more about SQL Injections here: How can I prevent SQL injection in PHP?您可以在此处阅读有关 SQL 注入的更多信息：如何防止 PHP 中的 SQL 注入？

Don't use `select ` (wildcard)***不要使用`select *` （通配符）**

SELECT description, dateset, datedue, datedue < NOW() AS is_expired FROM homework where class_id= ?

Check the value of is_expired to see which results you will mark in red检查is_expired的值以查看您将哪些结果标记为红色

I haven't tried the code but I guess it will work as expected我还没有尝试过代码，但我想它会按预期工作

如何根据当前时间从数据库中选择

问题描述

3 个解决方案

解决方案1
2 2020-01-07 14:51:38

解决方案2
2 已采纳 2020-01-07 15:23:42

解决方案3
1 2020-01-07 15:01:24

Don`t use concated raw SQL.不要使用连接的原始 SQL。

Don't use `select ` (wildcard)***不要使用`select *` （通配符）**

如何根据当前时间从数据库中选择

问题描述

3 个解决方案

解决方案1 2 2020-01-07 14:51:38

解决方案2 2 已采纳 2020-01-07 15:23:42

解决方案3 1 2020-01-07 15:01:24

Don`t use concated raw SQL.不要使用连接的原始 SQL。

Don't use select * (wildcard)不要使用select * （通配符）

解决方案1
2 2020-01-07 14:51:38

解决方案2
2 已采纳 2020-01-07 15:23:42

解决方案3
1 2020-01-07 15:01:24

Don't use `select ` (wildcard)***不要使用`select *` （通配符）**