0

i have a mysql query like that

SELECT s.end_date_time AS Finishtime
FROM auctions_search AS s
WHERE end_date_time >NOW() + INTERVAL 3 HOUR;

so i need put it into php i try like this

$aToday = date("Y-m-d H:i:s"); 

$aExpireAuctionTime = DBC::$slave->selectAssoc("
    SELECT 
        s.end_date_time AS FinisDate
    FROM
        {$this->sDBName_Auction}.{$this->sTBLName_Auctions_Search}  AS s
    WHERE
        s.end_date_time >{$aToday} + INTERVAL 3 HOUR
");

but giving me error like

"You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '08:53:24 + INTERVAL 3 HOUR'

end_date_time column store a ending dates of items where is listed on shop

so i need select a items where they will end not more than +3

for example we have records for ending in

  1. 2013-08-15 09:51:38
  2. 2013-08-15 10:56:40
  3. 2013-08-29 18:56:00
  4. 2013-08-19 12:56:32

and current time is 2013-08-15 08:51:38

so i need select

  1. 2013-08-29 18:56:00
  2. 2013-08-19 12:56:32

cuz other one will finish after 3h

maybe query should me like 

select
    s.end_date_time
from
    auctions_search AS s
where
    true
    and s.start_date_time <= 3
Alexander Yancharuk
  • 13,817
  • 5
  • 55
  • 55
ameldur
  • 43
  • 7
  • Quote the date string in the query, or remove the formatting and leave it unquoted in the query: date("YmdHis");, or use Unix timestamps. – symcbean Aug 14 '13 at 08:12

3 Answers3

1

I guess you need to enclose your date value:

WHERE s.end_date_time >'{$aToday}' + INTERVAL 3 HOUR

Note, that direct passing values into SQL query (i.e. without escaping them) is a bad idea.

Alma Do
  • 37,009
  • 9
  • 76
  • 105
1

You can process NOW() record with the DATE_FORMAT() function. Then you can subtact the (days)/(months)/(years) and make your query.

Βασιλης Ιωσηφιδης
  • 769
  • 7
  • 23
1

PHP and SQL are different languages. You are using PHP to compose SQL code. The MySQL server will not see your PHP code, just the SQL code you generate. You can have a look if you asign it to a variable and print it:

<?php

$aToday = date("Y-m-d H:i:s"); 

$sql = "
    SELECT 
        s.end_date_time AS FinisDate
    FROM
        {$this->sDBName_Auction}.{$this->sTBLName_Auctions_Search}  AS s
    WHERE
        s.end_date_time >{$aToday} + INTERVAL 3 HOUR
";

var_dump($sql);

That code should run flawlessly in your MySQL client, but it won't because it contains this:

s.end_date_time >2013-08-14 10:19:22 + INTERVAL 3 HOUR

This is obviously invalid SQL. Please compare:

mysql> SELECT 2013-08-14 10:19:22;
ERROR 1064 (42000): You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '10:19:22' at line 1
mysql> SELECT '2013-08-14 10:19:22';
+---------------------+
| 2013-08-14 10:19:22 |
+---------------------+
| 2013-08-14 10:19:22 |
+---------------------+
1 row in set (0.00 sec)

As How can I prevent SQL injection in PHP? explains, you don't normally need to inject raw input in your SQL code (unless you're using a really outdated database library). That's what prepared statements are for.

Last but not least, unless you're trying to generate static queries for a results cache, you can simply use NOW() or CURRENT_TIMESTAMP as synonym for "current date". There's no need to calculate it in PHP.

Community
  • 1
  • 1
Álvaro González
  • 142,137
  • 41
  • 261
  • 360