
I have code that is supposed to show new items in the menu (to the right of the items.php URL). That's not working at all, or it shows only one item though there are 10 items. It counts new items and checks when your last browse was. When you refresh the items page, the "New item" tag disappears.

So if you can help me, I'd be very thankful :)

Code:

  $res = mysql_query("SELECT last_visit
                      FROM users
                      WHERE id='".$user['id']."'");

  $arr = mysql_fetch_row($res);

  $last_visit = $arr[0];

  $time_now = gmtime();

  // Clamp a last-visit time that lies in the future
  if ($last_visit > $time_now)
  {
      $last_visit = $time_now;
  }

  // Count the items added since the last visit
  $results = mysql_query("SELECT COUNT(*)
                          FROM items
                          WHERE added >= '".$last_visit."'");

  $num_rows = mysql_num_rows($results);

  $all = number_format($num_rows);

  while ($num_rows = mysql_fetch_assoc($results))
  {
      if (sql_timestamp_to_unix_timestamp($row["added"]) >= $last_visit)
      { ?>
  <li><a href="items.php">Items<br />(<font color="red"><?php echo $all ?> new items</font>)</a></li>
      <?php }
      else
      { ?>
  <li><a href="items.php">Items</a></li>
      <?php }
  }
Penalse
  • [Little Bobby](http://bobby-tables.com/) says **[you may be at risk for SQL Injection Attacks](https://stackoverflow.com/q/60174/)**. Learn about [Prepared Statements](https://en.wikipedia.org/wiki/Prepared_statement) with [parameterized queries](https://stackoverflow.com/a/4712113/5827005). I recommend `PDO`, which I [wrote a class for](https://github.com/GrumpyCrouton/GrumpyPDO) to make it extremely easy, clean, and more secure than using non-parameterized queries. Also, [This article](https://phpdelusions.net/pdo/mysqli_comparison) may help you choose between `MySQLi` and `PDO` – GrumpyCrouton Oct 30 '17 at 18:04
  • **Please**, don't use `mysql_*` functions for new code. They are no longer maintained and the community has begun the [deprecation process](http://news.php.net/php.internals/53799), and `mysql_*` functions have been officially removed in PHP 7. Instead you should learn about [prepared statements](https://en.wikipedia.org/wiki/Prepared_statement) and use either `PDO` or `mysqli_*`. If you can't decide, [this article will help to choose your best option](http://php.net/manual/en/mysqlinfo.api.choosing.php). – GrumpyCrouton Oct 30 '17 at 18:04
  • Thank you. I will check some PDO classes etc. I have converted to mysqli, but I need to change commands all over the site. So the code will be updated when I get it all working. – Penalse Oct 30 '17 at 18:59
  • I linked to a class that I wrote for PDO, which is hosted on github. https://github.com/GrumpyCrouton/GrumpyPDO – GrumpyCrouton Oct 30 '17 at 19:05
  • But I am still trying to find a solution for why this code is not working, so help is needed :) – Penalse Oct 30 '17 at 20:39
  • Honestly, I would advise against "fixing" this code, and opt for replacing it entirely with `PDO` or `mysqli_` first. It doesn't make sense to "fix" it if you are just going to replace it anyways. – GrumpyCrouton Oct 30 '17 at 20:42
  • I have mysqli ready, so I just need to replace the mysql_query etc. functions. – Penalse Oct 30 '17 at 20:58
  • Yes but PDO is much more verbose and easier to use (In the opinion of many people). – GrumpyCrouton Oct 30 '17 at 20:59
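
The parameterized-query approach recommended in the comments, applied to the menu counter, as an added example that is not part of the original post or any commenter's code. It assumes `last_visit` and `added` hold UTC `Y-m-d H:i:s` strings and uses an in-memory SQLite database with constructed rows in place of the site's MySQL; `countNewItems` and `menuEntry` are hypothetical names.

```php
<?php
// Added example, not the asker's code. Assumes users.last_visit and
// items.added are UTC 'Y-m-d H:i:s' strings; SQLite stands in for MySQL.
declare(strict_types=1);

function countNewItems(PDO $db, int $userId, string $nowUtc): int
{
    // Bound parameter instead of concatenating $user['id'] into the SQL.
    $stmt = $db->prepare('SELECT last_visit FROM users WHERE id = :id');
    $stmt->execute([':id' => $userId]);
    $lastVisit = $stmt->fetchColumn();
    if ($lastVisit === false) {
        return 0;                       // unknown user: nothing to flag
    }
    $lastVisit = (string) $lastVisit;
    // Clamp a last_visit that lies in the future, as the original does.
    if (strcmp($lastVisit, $nowUtc) > 0) {
        $lastVisit = $nowUtc;
    }
    // COUNT(*) always yields exactly one row, so read its value;
    // counting result rows would report 1 regardless of the data.
    $stmt = $db->prepare('SELECT COUNT(*) FROM items WHERE added >= :since');
    $stmt->execute([':since' => $lastVisit]);
    return (int) $stmt->fetchColumn();
}

function menuEntry(int $newItems): string
{
    $label = 'Items';
    if ($newItems > 0) {
        $label .= '<br />(<span style="color:red">'
                . number_format($newItems) . ' new items</span>)';
    }
    return '<li><a href="items.php">' . $label . '</a></li>';
}

// Constructed sample data in an in-memory database.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE users (id INTEGER PRIMARY KEY, last_visit TEXT)');
$db->exec('CREATE TABLE items (id INTEGER PRIMARY KEY, added TEXT)');
$db->exec("INSERT INTO users VALUES (1, '2017-10-30 12:00:00')");
$db->exec("INSERT INTO items (added) VALUES ('2017-10-29 09:00:00'),
           ('2017-10-30 13:00:00'), ('2017-10-30 17:30:00')");

echo menuEntry(countNewItems($db, 1, gmdate('Y-m-d H:i:s'))), "\n";
```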

0 Answers