I am creating a new website and so far everything is working perfect but I have one small issue and i am wondering if anyone knows a way to sort it out.
Users come to my site to generate pin codes for my applications now this works perfect the pins are saved to a db with a created_at time and then an expires_at time with is creation time + 3 hours.
It works perfect most of the day but I run into issues when it gets to about 9:30 pm every day.
When you create a pin around 9:30 the creation time will be:
9:23:43
Now then expiration time will be
00:23:43
and this is where the issue is when they add the pin to my applications. It checks them from the database by comparing the current time by creation time using the code below:
<?php
include 'inc.db.php';
include 'inc.clear.php';
date_default_timezone_set('Europe/London');
function Check($key, $pin){
global $mysqli;
$time = date("H:i:s");
$stmt = $mysqli->prepare("SELECT expired FROM tbl_pins WHERE key=? AND pin=?");
$stmt->bind_param('ss', $key, $pin);
$stmt->execute();
$stmt->bind_result($expired);
while($stmt->fetch()) {
if($time >= $expired){
$result = 'Pin Expired';
Clear($pin);
}else{
$result = 'Pin Verified';
}
}
$stmt->close();
return $result;
}
?>
but as it checks the pin, the current time will be
22:10:30
and it checks to see if this is above the expiration time but that's 00:24:22
so because it's after 12am, it's always a lower number.
Does anyone know a way around this?
Use Unix Epoc time
time()
Expiration will be Three hours from now:
time() + (3 * 60 * 60)
Expired true if
time() > Expiration
Use date as well in both created_at and expired_at. If one creates at 1AM and expires at 4AM, do you think 2AM tomorrow (or next year) is still valid? Without date, time is not enough for token expirations for sure.
You need to check the date too. Make the column with the time in your database also contain a date. You can then compare the two in your preferred method. Just to name a couple:
date_diff()
BETWEEN
Alternatively you may use UNIX timestamps, which are the number of seconds since Jan 1st 1970. This sacrifices readability for efficiency.
time()
UNIX_TIMESTAMP
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.