Hello and welcome to our community! Is this your first visit?
Register
Enjoy an ad free experience by logging in. Not a member yet? Register.
Page 4 of 4 FirstFirst ... 234
Results 46 to 55 of 55
  1. #46
    Regular Coder
    Join Date
    Jun 2010
    Location
    UK
    Posts
    198
    Thanks
    26
    Thanked 8 Times in 8 Posts
    Well today has been fun, I have been updating all my MySQL tables to use the Date/DateTime and then I find there could be a simpler way of generating the calendar select menu options! Everyday is truly a school day!

  2. #47
    Regular Coder Vege's Avatar
    Join Date
    Jan 2008
    Posts
    866
    Thanks
    21
    Thanked 115 Times in 114 Posts
    $_POST variables are always strings and checkdate() expects int.
    You should be getting
    Warning: checkdate() expects parameter 1 to be long, string given errors

    Relaying on checkdate alone can also be dangerous as there will be magic conversion to int if strings are given
    PHP Code:
    <?php
    $month 
    '00012';
    $day '00002';
    $year '1;drop tables;';

    var_dump(checkdate($month,$day,$year));
    (checkdate returns true)

  3. #48
    Regular Coder
    Join Date
    Jun 2010
    Location
    UK
    Posts
    198
    Thanks
    26
    Thanked 8 Times in 8 Posts
    Quote Originally Posted by Vege View Post
    $_POST variables are always strings and checkdate() expects int.
    You should be getting
    Warning: checkdate() expects parameter 1 to be long, string given errors

    Relaying on checkdate alone can also be dangerous as there will be magic conversion to int if strings are given
    PHP Code:
    <?php
    $month 
    '00012';
    $day '00002';
    $year '1;drop tables;';

    var_dump(checkdate($month,$day,$year));
    (checkdate returns true)
    Thanks

    That is why once I have validated the date, I create a timestamp before using it in the database - I do not actually send the user input to the database!
    Important I do not guarantee that any code sample that I post will work as intended and if you use it you do so entirely at your own risk.

    PHP - Because there is ALWAYS more than one way to do it!

  4. #49
    Regular Coder Vege's Avatar
    Join Date
    Jan 2008
    Posts
    866
    Thanks
    21
    Thanked 115 Times in 114 Posts
    Quote Originally Posted by PkraM View Post
    Thanks

    That is why once I have validated the date, I create a timestamp before using it in the database - I do not actually send the user input to the database!
    With prepared statements validation don't really matter except for the length. MySQL 5.7+ don't allow Jesus times anyway with default settings.
    Timestamps are universally evil and should be avoided.

  5. #50
    Regular Coder
    Join Date
    Jun 2010
    Location
    UK
    Posts
    198
    Thanks
    26
    Thanked 8 Times in 8 Posts
    Quote Originally Posted by Vege View Post
    With prepared statements validation don't really matter except for the length. MySQL 5.7+ don't allow Jesus times anyway with default settings.
    Timestamps are universally evil and should be avoided.
    Sadly I canít avoid them in this application I am programming!

    Have taken what you said on board! Thanks!

  6. #51
    Senior Coder benanamen's Avatar
    Join Date
    Oct 2015
    Posts
    1,401
    Thanks
    3
    Thanked 140 Times in 135 Posts
    Quote Originally Posted by Vege View Post
    Timestamps are universally evil and should be avoided.
    Sources?
    To save time, lets just assume I am almost never wrong.

    The XY Problem
    The XY problem is asking about your attempted solution (X) rather than your actual problem (Y). This leads to enormous amounts of wasted time and energy, both on the part of people asking for help, and on the part of those providing help.

    "This text has been encoded with ROT26. If you can read this you must have found a backdoor. Congratulations!"

  7. #52
    Regular Coder
    Join Date
    Jun 2010
    Location
    UK
    Posts
    198
    Thanks
    26
    Thanked 8 Times in 8 Posts
    On a side note, I am no longer using unix time in my database! I have moved to the MySQL date and time format - this was a major pain, but hopefully itíll be worth it!

    Can the MySQL time zone be changed - or is it always server default?

    I am now also using the input types date and email - I have totally missed those!

  8. #53
    Regular Coder Vege's Avatar
    Join Date
    Jan 2008
    Posts
    866
    Thanks
    21
    Thanked 115 Times in 114 Posts
    Quote Originally Posted by benanamen View Post
    Sources?
    Just experience.
    When the usable range is 1970-2038 and dependant on processor type why would you ever wan't to use it?
    It gives nothing over date/datetimes and only has more restrictions.
    https://en.wikipedia.org/wiki/Year_2038_problem

  9. #54
    Senior Coder benanamen's Avatar
    Join Date
    Oct 2015
    Posts
    1,401
    Thanks
    3
    Thanked 140 Times in 135 Posts
    why would you ever wan't to use it
    It gives nothing over date/datetimes
    Not true.

    Without getting into the whole datetime vs timestamp debate I will just point out that with timestamp you have the added options of

    Automatically generated by DB on insert
    Automatically updated by DB on change
    To save time, lets just assume I am almost never wrong.

    The XY Problem
    The XY problem is asking about your attempted solution (X) rather than your actual problem (Y). This leads to enormous amounts of wasted time and energy, both on the part of people asking for help, and on the part of those providing help.

    "This text has been encoded with ROT26. If you can read this you must have found a backdoor. Congratulations!"

  10. #55
    Regular Coder Vege's Avatar
    Join Date
    Jan 2008
    Posts
    866
    Thanks
    21
    Thanked 115 Times in 114 Posts
    Quote Originally Posted by benanamen View Post
    Not true.

    Without getting into the whole datetime vs timestamp debate I will just point out that with timestamp you have the added options of

    Automatically generated by DB on insert
    Automatically updated by DB on change
    Takes less time and code to write the new() in insert and update.


 
Page 4 of 4 FirstFirst ... 234

Tags for this Thread

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •