0

Hi there I have a device that sends values from my sensors to table called 'sensors'... in my table I have a column called 'event' which is TIMESTAMP, date and time from my server which is -8 hours of my local time... because my device can't send time and date to my table, I try to call my server admin to change the timezone of the server but no luck from there, so now I need somehow when ever the device sends data to table in 'mytime' column to put 'event'TIMESTAMP+8hours how do I do that? here is my code

<?php
// Connect to MySQL

include("dbconnect1.php");

// Prepare the SQL statement

mysqli_query($dbcon,"SELECT * FROM sensors");
mysqli_query($dbcon,"INSERT INTO sensors (sensor1 ,sensor2, sensor3, sensor4, sensor5, sensor6 ,sensor7, sensor8, sensor9, sensor10, sensor11, sensor12) 
VALUES ('".$_GET["s1"]."', '".$_GET["s2"]."','".$_GET["s3"]."','".$_GET["s4"]."','".$_GET["s5"]."','".$_GET["s6"]."','".$_GET["s7"]."','".$_GET["s8"]."','".$_GET["s9"]."','".$_GET["s10"]."','".$_GET["s11"]."','".$_GET["s12"]."')");



mysqli_close($dbcon);

?>

tanjamaya
  • 23
  • 1
  • 8
  • 2
    This code does nothing with timestamps or time of any kind. And you're quite prone to SQL injection, you should use parameterized queries instead - your API supports it. – Qirel Mar 09 '17 at 14:17
  • I don't think its possible to do this in insertion, you can update the timestamp after insertion with `DATE_ADD(your_field, INTERVAL 8 HOUR)` – Mohammad Mar 09 '17 at 14:20
  • Your script is at risk of [SQL Injection Attack](http://stackoverflow.com/questions/60174/how-can-i-prevent-sql-injection-in-php) Have a look at what happened to [Little Bobby Tables](http://bobby-tables.com/) Even [if you are escaping inputs, its not safe!](http://stackoverflow.com/questions/5741187/sql-injection-that-gets-around-mysql-real-escape-string) Use [prepared parameterized statements](http://php.net/manual/en/mysqli.quickstart.prepared-statements.php) – RiggsFolly Mar 09 '17 at 14:23
  • Agreed with @Mohammad, you will need to add another field to track whether the details have been changed ie a 1 or 0. Then you can create a small cron job to update the table timestamp if update = 0 for example. – The Humble Rat Mar 09 '17 at 14:25
  • 2
    Sure you can use MySQL functions when inserting too, problem is, we don't see any code relating to this time here. Example `INSERT INTO table VALUES (DATE_ADD(NOW(), INTERVAL 8 HOUR))` is perfectly valid, and works. – Qirel Mar 09 '17 at 14:30
  • Thank you Mohammad and Qirel... I did it :) – tanjamaya Mar 09 '17 at 16:47

0 Answers0