I need help fixing this code

Question

So, I made a PHP page/link checker, which should not allow an user to visit/redirect to a page if isn't passed certain minutes from last visit/redirect.

The problem is, the user is being redirected to the page ALWAYS even if he already did it 1 min ago and the timer is 7 min (example). The timer is setted into MySQL as minutes.

can't figure out what is wrong in the code

this is the first page:

<?php
session_start();

$sql = "SELECT * FROM table_records";

$result = mysql_query($sql);

$records = array();
while ($row = mysql_fetch_assoc($result)) {
$records[] = $row;
}
foreach ($records as $record) {
$now = new DateTime();
if (!array_key_exists($record, $_SESSION['records']) || ($now->getTimestamp()-$_SESSION['records'][$record]) <= 600) {
    echo "<td><center>".$record['id']."</center></td>";
    echo "<td><center>".$record['name']."</center></td>";
    echo "<td><center>".$record['link']."</center></td>";
    echo "<td><center>".$record['delay']."</center></td>";`
} else {
    // link disabled
}
}
?>

and this is the page the users are redirected to, to check the timer, and in case redirect them to the link.

$waiting_time = $delay * 60; //calculate delay time in seconds

if (!array_key_exists($id, $_SESSION['records'])) {

$_SESSION['records'][$id] = $now->getTimestamp();
header("Location: $link");
exit();

} elseif (array_key_exists($id, $_SESSION['records']) && ($now->getTimestamp()-$_SESSION['records'][$id]) >= $waiting_time) {

echo "Looks like you already visited this page";

} elseif (array_key_exists($id, $_SESSION['records']) && ($now->getTimestamp()-$_SESSION['records'][$id]) < $waiting_time) {

$_SESSION['records'][$id] = $now->getTimestamp();
header("Location: $link");
exit();

}

The problem is, the user is being redirected to the $link ALWAYS, even if he already visited, and the time of delay isn't passed.

What is wrong with the code?

1: Be ready for people who are going to say 'use mysqli' or 'use PDO' which you should do. 2: Could you var_dump the substraction of your timestamps ? I expect the cast from string to int/float/long/double/whatever not to be done. — Answers_Seeker, Jul 17 '15 at 16:12
1. Heh 2. If you can, you should [stop using `mysql_*` functions](http://stackoverflow.com/questions/12859942/why-shouldnt-i-use-mysql-functions-in-php). They are no longer maintained and are [officially deprecated](https://wiki.php.net/rfc/mysql_deprecation). Learn about [prepared](http://en.wikipedia.org/wiki/Prepared_statement) [statements](http://php.net/manual/en/pdo.prepared-statements.php) instead, and consider using PDO, [it's really not hard](http://jayblanchard.net/demystifying_php_pdo.html). — Jay Blanchard, Jul 17 '15 at 16:14
Don't forget to use prepared statements in PDO, newbies forget most of the time — Answers_Seeker, Jul 17 '15 at 16:15
`SELECT * FROM table_name` without a `WHERE` or `LIMIT` clause is going to get you into trouble when this table accumulates more than a trivial amount of data. You're loading *everything* into memory to see if a key exists when what you want is `SELECT COUNT(*) FROM table_name WHERE id=?` — tadman, Jul 17 '15 at 16:44
as suggested i var_dumped the value of ($now->getTimestamp()-$_SESSION['records'][$id]) and returns a number like: 495878454 — BlackSys, Jul 17 '15 at 17:41

MagyaDEV · Answer 1 · 2015-07-17T17:45:10.877

DRY, you can write your if/elseif statements much easier:

if (array_key_exists($id, $_SESSION['records']) && ($now->getTimestamp()-$_SESSION['records'][$id]) < $waiting_time) {
    echo "Looks like you already visited this page";
} else {
    $_SESSION['records'][$id] = $now->getTimestamp();
    header("Location: $link");
    exit();
}

Now, if you look at it you'll see there are two things to check at first:

Is $_SESSION['records'] not empty (maybe session wasn't intialized on second page?) - var_dump ($_SESSION['records']) - what's in there?
what's the result of ($now->getTimestamp()-$_SESSION['records'][$id]) and what's in $waiting_time variable - var_dump it

Don't forget to call exit() after dumping the code and before redirection or simply comment location () lines, otherwise you'll see nothing

Third possibility (you'll know this is the case if you don't see var_dump printout) is that your browser remembers 301 redirection and when you go second time to same address it redirects automatically without calling your script - restart your browser or try different one.

the result of ($now->getTimestamp()-$_SESSION['records'][$id]) returns a number like: 495878454 and the $waiting_time returns a number like: 1900 or so.. thats why i can't figure out. them is working actually, or at least, them aren't empty — BlackSys, Jul 17 '15 at 17:27
Conditions for redirect are: no record in session or waiting time (`($now->getTimestamp()-$_SESSION['records'][$id])` result) is LESS THAN defined by $waiting_time variable. So if you want NOT to redirect for 30 minutes - reverse the condition (first and second elsif conditions should be switched), cause now you told the code to redirect if <30min — MagyaDEV, Jul 17 '15 at 17:44

I need help fixing this code

1 Answers1