Perform update of later and previous dates

2

I have a table called TABLE_ENTREGAS with 4 fields

  • id
  • fecha_entrega
  • fecha_preparacion
  • fecha_facturacion

Where fecha_entrega is a value that is already inserted; I access it through a variable $fecha_entrega, which contains a value in datetime format: 2017-07-03 12:38:35

Now then:

  • fecha_preparacion must be set to 4 days before $fecha_entrega
  • fecha_facturacion must be set to 4 days after $fecha_entrega

This update is the one I have for fecha_preparacion

    tep_db_query("update " . TABLE_ENTREGAS . " set fecha_preparacion = '" . date_sub($fecha_entrega,INTERVAL 4 DAY) . "' where entregas_id = '" . (int)$entregas_id . "'");

This is 4 days less but the update gives me the following error:

  

Parse error: syntax error, unexpected '4' (T_LNUMBER)

1- I do not know what the error is

2- I do not know whether to add + or - to the 4 to define 4 days before or 4 days after

    
asked by Ivan Diaz Perez 21.09.2017 at 13:28

1 answer

2

You are mixing PHP code with SQL code.

The DATE_SUB function is an SQL statement, not PHP, so it must be inside the SQL string you are building.

One correct way to do it would be:

    tep_db_query("
      UPDATE " . TABLE_ENTREGAS . "
      SET fecha_preparacion = DATE_SUB('" . tep_db_input($fecha_entrega) . "', INTERVAL 4 DAY)
      WHERE entregas_id = '" . tep_db_input($entregas_id) . "'
    ");

Also, I must remind you that you should use tep_db_input to escape the SQL characters that the strings might contain.

On the one hand, you will prevent the SQL from breaking in that case and, in addition, you will prevent your code from being vulnerable to SQL injection (the function tep_db_input internally uses mysqli_real_escape_string).

Regarding your question about using + and -, you only need to consult the documentation of DATE_ADD / DATE_SUB to resolve it:

  

expr is a string; it may start with a - for negative intervals.

    
answered by 21.09.2017 / 14:23
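
The same update written with a mysqli prepared statement, setting both dates in one query. This is an added example, not code from the question, the answer or the project behind the tep_db_* helpers; the table name `entregas` (the page does not show what `TABLE_ENTREGAS` expands to), the function name `update_delivery_dates`, the id 42 and the connection details are assumptions.

```php
<?php
// Added example: table name, function name and credentials are assumptions.
mysqli_report(MYSQLI_REPORT_ERROR | MYSQLI_REPORT_STRICT); // errors become exceptions

/**
 * Set fecha_preparacion to 4 days before and fecha_facturacion to 4 days
 * after the delivery date. Returns the number of rows MySQL changed.
 */
function update_delivery_dates(mysqli $db, int $entregas_id, string $fecha_entrega): int
{
    // Accept only a real 'Y-m-d H:i:s' value. The round-trip comparison
    // rejects dates that PHP would silently roll over (e.g. 2017-02-31).
    $dt = DateTime::createFromFormat('Y-m-d H:i:s', $fecha_entrega);
    if ($dt === false || $dt->format('Y-m-d H:i:s') !== $fecha_entrega) {
        throw new InvalidArgumentException('fecha_entrega must be Y-m-d H:i:s');
    }

    // The SQL text is constant; values travel separately as bound parameters,
    // so nothing in them can change the structure of the statement.
    // DATE_ADD(?, INTERVAL -4 DAY) would be equivalent to the DATE_SUB below.
    $stmt = $db->prepare(
        'UPDATE entregas
            SET fecha_preparacion = DATE_SUB(?, INTERVAL 4 DAY),
                fecha_facturacion = DATE_ADD(?, INTERVAL 4 DAY)
          WHERE entregas_id = ?'
    );
    // 's' = string, 'i' = integer; bind_param takes variables by reference.
    $stmt->bind_param('ssi', $fecha_entrega, $fecha_entrega, $entregas_id);
    $stmt->execute();
    $changed = $stmt->affected_rows; // 0 if the row already held these values
    $stmt->close();

    return $changed;
}

// Usage with placeholder connection details and a constructed id:
$db = new mysqli('localhost', 'db_user', 'db_password', 'db_name');
$db->set_charset('utf8mb4');
update_delivery_dates($db, 42, '2017-07-03 12:38:35');
```

Unlike escaping with tep_db_input, binding does not depend on every value being wrapped in quotes inside the SQL string, so an unquoted numeric position cannot be turned into SQL.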