limit the submission of form by date

Question

Here is my coding. Basically i want to set form limitation based on user defined in ($result2). Another thing is the date. Eg. Today can submit 3 form then tomorrow can submit another 3 form until the user makes the changes on $result2. The problem from this code it will ignore the date and keep let user submit the form without the limit. Hope you guys can help, thanks

$name = $_POST['name'];
$address = $_POST['address'];
$contact = $_POST['contact'];
$email = $_POST['email'];
$tbl_name="torder";

$sql="INSERT INTO $tbl_name
(name,address,contact,email,orderdate)
VALUES('$name','$address','$contact','$email',now())";

$tbl2_name="tblfree";

$query="SELECT * FROM tblfree";

$result2=mysql_query($query);

$row = mysql_fetch_array(
           mysql_query("SELECT COUNT(*) AS 'submit' FROM torder"));

if ($row['submit'] > $result2) {
    echo 'We have reached our Free-T limit';}
else {
    $result=mysql_query($sql);
    echo 'success';
}

Where is the `$current` variable defined? Your example is asking the DB to count instances where the orderdate field is empty. — Baldvin Th, Oct 29 '14 at 08:23
You [shouldn't use mysql_* functions in new code](http://stackoverflow.com/questions/12859942/why-shouldnt-i-use-mysql-functions-in-php). They are no longer maintained and are [officially deprecated](https://wiki.php.net/rfc/mysql_deprecation). See the red box? Learn about [prepared statements](http://en.wikipedia.org/wiki/Prepared_statement) instead, and use PDO or MySQLi. — Daniel Gelling, Oct 29 '14 at 08:23
$current is not declared but the orderdate need not let user key in the form and i use now() to mark it.. since i worry user will keep apply by changing the date but my phpmyadmin when user submit it has 2014-10-29 so now the problem is i dont know the date thing like what i said in title.. — Chuah Boon Wei, Oct 29 '14 at 08:41
this form will continue let people submit until met the quota of the day and will start 0 on tomorrow — Chuah Boon Wei, Oct 29 '14 at 08:43

score 1 · Answer 1 · answered Oct 29 '14 at 08:21

The problem is that you're comparing a scalar value to a mysql_result, you can see where that is happening below

if ($row['submit'] > $result2)

Instead, you need to fetch the result of $result2 and compare it, so modify it to the following

$result2=mysql_query($query);
$row2 = mysql_fetch_array($result2);
$row = mysql_fetch_array(mysql_query("SELECT COUNT(*) AS 'submit' FROM torder where orderdate = {$current}"));

if ($row['submit'] > $row2['value_you_want_to_compare']) {
    echo 'We have reached our Free-T limit';}
else {
    $result=mysql_query($sql);
    echo 'success';
}

Also, your code is vulnerable to SQL Injection, to fix that, stop using mysql_* functions as they're deprecated and start using mysqli or PDO with prepared statements

I'm glad that you help me.. but it still insert successfully. — Chuah Boon Wei, Oct 29 '14 at 08:30
i'm new to stack. This one work but when tomorrow user cant key in already.. $tbl2_name="tblfree"; $query="SELECT * FROM tblfree"; $result2=mysql_query($query); $row = mysql_fetch_array(mysql_query("SELECT COUNT(*) AS 'submit' FROM torder")); if ($row['submit'] > $result2) { echo 'We have reached our Free-T limit';} else { $result=mysql_query($sql); echo 'success'; } — Chuah Boon Wei, Oct 29 '14 at 09:09

score 1 · Answer 2 · answered Oct 30 '14 at 04:47

$tbl2_name="tblfree";
$query="SELECT amount FROM tblfree where id=1";
$result2=mysql_fetch_array(mysql_query($query));

$row = mysql_fetch_array(mysql_query("SELECT COUNT(*) AS submit FROM torder where orderdate =  CURDATE()"));
if ($row ['submit'] >= $result2['amount']) {
echo 'We have reached our Free-T limit';
echo $result2['amount'];}
else {
$tbl_name="torder";
$sql="INSERT INTO $tbl_name
(name,address,contact,email,orderdate)VALUES('$name','$address','$contact','$email',CURDATE())";
$result=mysql_query($sql);
$sql="INSERT INTO $tbl_name   (name,address,contact,email,orderdate)VALUES('$name','$address','$contact','$email','$orderdate')";
echo 'success';

}

limit the submission of form by date

2 Answers2