PHP - Date comparison advice

Question

EDIT: Thanks for the responses, using what people suggested here i also browsed through the post that was a duplicate of mine, there are some excellent advice there too but and I just created another because i'd suspected my entire code was bad and wanted some pointers, I got it working now and will share the code I used below:

$today = date("d-m-y");
$expire = $_SESSION["expiration_date"];
$today_time = strtotime($today);
$expire_time = strtotime($expire);
if($expire_time < $today_time){
    $_SESSION = array();
    session_destroy();
    header("location: contact_us_expired.php");
    exit;
}

Using strtotime like that is definitely not as modern as using datetime function though and would be a better practice but that is a lesson for another day. Thanks everyone!

Original Post:

First of all I'm new to PHP and have been learning the ropes with some pratical tests and stuff. Recently I've got a real application to work which is a small CRUD system. The admin creates a user account and the user has 7 days to sample the system before having to contact us to receive some more time or to purchase the tools, all that is working almost as well as i need but i can't really compare the dates succesfully.

When the admin creates an user account, the form gathers and writes in the database the current time and an expiration date 7 days from now, and when said user logs in, a code is used to compare if the account has expired and redirect to a form.

My problem is that the comparing code just refuses to work consistently, some dates way before the expiration date actually let the user log in just fine, if i manually change in the database for a date inside the same month but that has already expired the code works and redirects, but if the date is from last year it doesn't, what's really bothering me is that i cant find what is the culprit here, var_dump and print_r is outputing correct dates.

In two attempts nothing really changed, in one of them the dates are stored in the session and compared when the user logs in, and the other the current date is used to compare the expiration date

Here's some code (Date comparison code)

if($_SESSION["date"] < $_SESSION["expiration_date"]){
    $_SESSION = array();
    session_destroy();
    header("location: contact_us_expired.php");
    exit;
}

(Date harvest when the admin creates a new user)

$created_at = date("d/m/y");
$expiration_date = date('d/m/y', strtotime('7 days'));

Please be calm and understand i'm fairly new, and this is my first real attempt at creating something, the CRUD system appears to be working fine, the comparison though is proving more complicated.

Answer 1

As mentioned already, you are comparing strings. PHP will compare character by character from left to right until the first character that let him decide if your condition is true or false.

Let's say $_SESSION["date"] = "01/01/2020" and $_SESSION["expiration_date"] = "03/12/2019"

PHP will compare the first character 0 and see that they're equal to each others. Then 1 against 3. As 1 is smaller than 3, he will assume that 01/01/2020 is smaller than 03/12/2019, even tho it is not.

Converting the date to a Datetime object is a quite good solution. Another approach could be to convert your date string to a timestamp. PHP have the following built-in function to achieve just that : strtotime().

Note that if you want to use this solution, you will have to adapt your date format using either of the following :

1. Use the ISO format YYYY-MM-DD.
2. If you want to keep the current format, replace the slashes with dashes d-m-y. Your date will then be parsed in the European format that you use.

This function returns as an integer the number of seconds that passed since January 1 1970. Letting you compare if one date is greater or lesser than another.

if(strtotime($_SESSION["date"]) < strtotime($_SESSION["expiration_date"])){
    $_SESSION = array();
    session_destroy();
    header("location: contact_us_expired.php");
    exit;
}