Prevent date and time insert to the database

Question

I am trying to make reservations system, and I have created table reservations which contain columns (id, officename, roomname, resstart, resend, resuser). Restart and resend are DATATIME type. I created a form with date picker and it's inserted successfully to the database.

Here is my PHP file:

<?php
session_start();
include('includes/config.php');
include('includes/checklogin.php');
check_login();

$username = $_SESSION['username'];

//code for add courses
if($_POST['submit'])
{
    $officename=$_POST['officename'];
    $roomname=$_POST['roomname'];
    $startdate=$_POST['startdate'];
    $enddate=$_POST['enddate'];


    $query="insert into  reservations (officename,roomname,resstart,resend,resuser) values(?,?,?,?,?)";
    $stmt = $mysqli->prepare($query);
    $stmt->bind_param('sssss',$officename,$roomname,$startdate,$enddate,$username);
    if($stmt->execute()){
        echo"<script>alert('Your Reservation Has Been Added Successfully');</script>";
    }else{
    echo"<script>alert('Warning! You cannot Reserve this appointment');</script>";
    }
}
?>
<!doctype html>
<html lang="en" class="no-js">
<head>
    <meta charset="UTF-8">
    <meta http-equiv="X-UA-Compatible" content="IE=edge">
    <meta name="viewport" content="width=device-width, initial-scale=1, minimum-scale=1, maximum-scale=1">
    <meta name="description" content="">
    <meta name="author" content="">
    <meta name="theme-color" content="#3e454c">
    <title>Make New Reservation</title>
    <link rel="stylesheet" href="css/awesome-bootstrap-checkbox.css">
    <link rel="stylesheet" href="css/style.css">
<script type="text/javascript" src="js/jquery-1.11.3-jquery.min.js"></script>
<script type="text/javascript" src="js/validation.min.js"></script>

    <!--Load Script and Stylesheet -->
    <script type="text/javascript" src="jquery.simple-dtpicker.js"></script>
    <link type="text/css" href="jquery.simple-dtpicker.css" rel="stylesheet" />
 $(document).ready(function() {
        $( "#date" ).datepicker({ dateFormat: "yy-m-d" });  
    });
</script>
</head>
<body>
    <?php include('includes/header.php');?>
    <div class="ts-main-content">
        <?php include('includes/sidebar.php');?>
        <div class="content-wrapper">
            <div class="container-fluid">

                <div class="row">
                    <div class="col-md-12">

                        <h2 class="page-title">Make New Reservation</h2>

                        <div class="row">
                            <div class="col-md-12">
                                <div class="panel panel-default">
                                    <div class="panel-heading">Make New Reservation</div>
                                    <?php echo "<h4>You Logged in As: <span>$username</span></h4>"; 

                                    ?>
                                    <div class="panel-body">
                                    <?php if(isset($_POST['submit']))
{ ?>
<p style="color: red"><?php echo htmlentities($_SESSION['msg']); ?><?php echo htmlentities($_SESSION['msg']=""); ?></p>
<?php } ?>
                                        <form method="post" class="form-horizontal">

                                            <div class="hr-dashed"></div>

                                        <div class="form-group">
                                                <label class="col-sm-2 control-label">Select Office  </label>

                                                <div class="col-sm-8">
                                                <Select name="officename" class="form-control" required>
                                                <option value="Select Office">Select Office</option>
                                                <?php

                                                $sql="select * from offices";

                                                $stmt2 = $mysqli->prepare($sql);
                                                //$stmt2->bind_param('i',$roomno);

                                                //$stmt->bind_param('i',$aid);
                                                $stmt2->execute() ;//ok
                                                $res=$stmt2->get_result();



                                                while ($row=$res->fetch_object()) {
                                                    echo "<option value=". $row->officename .">" . $row->officename . "</option>";
                                                }



                                                ?>


                                                </Select>
                                                </div>
                                                </div>


                                                <div class="form-group">
                                                <label class="col-sm-2 control-label">Select Room  </label>
                                                <div class="col-sm-8">
                                                <Select name="roomname" class="form-control" required>
                                                <option value="Select Room">Select Room</option>
                                                <?php

                                                $sql="select * from rooms";

                                                $stmt2 = $mysqli->prepare($sql);
                                                //$stmt2->bind_param('i',$roomno);

                                                //$stmt->bind_param('i',$aid);
                                                $stmt2->execute() ;//ok
                                                $res=$stmt2->get_result();



                                                while ($row=$res->fetch_object()) {
                                                    echo "<option value=". $row->roomname .">" . $row->roomname . "</option>";
                                                }



                                                ?>


                                                </Select>
                                                </div>
                                                </div>



                                                <div class="form-group">
                                                    <label class="col-sm-2 control-label">Start time and date</label>
                                                    <div class="col-sm-8">
                                                    <input type="text" autocomplete="off" name="startdate" value="" required>
                                                    <script type="text/javascript">
                                                        $(function(){
                                                            $('*[name=startdate]').appendDtpicker();
                                                        });
                                                    </script>
                                                    </div>
                                                </div>

                                                <div class="form-group">
                                                    <label class="col-sm-2 control-label">End time and date</label>
                                                    <div class="col-sm-8">
                                                    <input type="text" autocomplete="off" name="enddate" value="" required>
                                                    <script type="text/javascript">
                                                        $(function(){
                                                            $('*[name=enddate]').appendDtpicker();
                                                        });
                                                    </script>
                                                    </div>
                                                </div>



                                            <div class="col-sm-8 col-sm-offset-2">
                                            <input class="btn btn-primary" type="submit" name="submit" value="Make New Reservation">
                                            </div>
                                            </div>

                                        </form>

                                    </div>
                                </div>


                            </div>




                            </div>
                        </div>

                    </div>
                </div>  


            </div>
        </div>
    </div>

</body>

</html>

I want the form to prevent insert to the table, if there is a user tried to make new reservation with already exists time for the same room. Like Room 1 reserved at 1:00 to 2:00, so next user can't register Room 1 at 1:10 to 2:00 for example, but he can register Room 2 at the same time.

Thanks in advance.

FYI, we don't need that giant HTML dump to understand the question, it's just distracting. — deceze, Sep 17 '17 at 10:07

score 1 · Answer 1 · answered Sep 17 '17 at 08:02

1

Take a count from the table reservations with the requesting roomnumber and new reservation time, and see if a record exists in the table between the resstart and resend time.

If I understood your question correctly, any of the below two query should work.

select count(1) from reservations where roomname = 'XYZ' and '17-SEP-17' between resstart and resend;

or

select count(1) from reservations where roomname = 'XYZ' and to_date('17-SEP-17') between resstart and resend;

answered Sep 17 '17 at 08:02

Prashanth kumar

949
3
10
32

What i want is to prevent duplication with same dates for same room in the database, for example i have multiple rooms and i am making a system which allowing user to make reservation for the room, but i don't want one room to be reserved twice at the same time – Ahmed Sep 17 '17 at 09:38
Yes @Ahmed, you need to run this query first to check if the room is reserved for the room number and resstart he has selected in the front-end. If the count is greater than 0, then there is already that room booked for the given start date. So by using an if statement do not allow the insert code to be executed. In this case you dont need to check basis your resend, as the resstart date and time is not available. – Prashanth kumar Sep 17 '17 at 09:45
Yes Yes, i got your idea thank youuu. but can you tell me how can i assign these values to variables and the best place to run the query ?? – Ahmed Sep 17 '17 at 09:49
I guess the best place would be in the PHP Section before the insert statement - "$query="insert into reservations (officename,roomname,resstart,resend,resuser) values(?,?,?,?,?)";" – Prashanth kumar Sep 17 '17 at 09:53
I mean how can i assign the select query values, you just gave me into variables ? – Ahmed Sep 17 '17 at 10:07
Try this, I am no expert on that, let me know if it works - `$counter = mysql_query('select count(1) as counter from reservations where roomname = $roomname and $startdate between resstart and resend;') or die(mysql_error()); $row = mysql_fetch_assoc($counter); $existsCount = $row['counter'];` – Prashanth kumar Sep 17 '17 at 10:17

danilonet · Answer 2 · 2017-09-17T07:23:22.817

0

the best way to prevent duplicate is to create a unique key in your database.

ALTER TABLE reservations ADD CONSTRAINT constr_reservations UNIQUE (roomname,resstart,resend,resuser)

in this case you code must not be changed. because you are already catching the insert failure

if($stmt->execute()){
        echo"<script>alert('Your Reservation Has Been Added Successfully');</script>";
    }else{

        //ROOM DUPLICATE CASE!!!

        echo"<script>alert('Warning! You cannot Reserve this appointment');</script>";
    }

edited Sep 17 '17 at 07:23

answered Sep 17 '17 at 07:18

danilonet

1,757
16
33

1

But it won't prevent the range between resstar and resend, i want to prevent the range between the resstar and resend. and also for the roomname it needed to be prevented if it's been reserved at same time, but if it's not reserved at a time already in the database, it can registered without problem. – Ahmed Sep 17 '17 at 07:25
you can select the coluons you want, but the base concept is, prevent duplicate adding a constraint in your database and not in your code. – danilonet Sep 17 '17 at 07:27
can i do what i described in the reply exactly with contraints ? – Ahmed Sep 17 '17 at 07:30
it's simple, prevent insert for same date interval and room, is not necessary to restrict to particular users, if the room is busy no one can book it. then prevent duplicate with fields "roomname,resstart": ALTER TABLE reservations ADD CONSTRAINT constr_reservations UNIQUE (roomname,resstart) – danilonet Sep 17 '17 at 14:36
can you please check the constraint after implementation ? https://stackoverflow.com/questions/46284557/error-function-execute-on-boolean-while-preventing-duplication?noredirect=1#comment79532207_46284557 – Ahmed Sep 18 '17 at 17:06

Prevent date and time insert to the database

2 Answers2

Linked